Unset any existing auth cookie if identity is unknown

qwc-services · Sep 26, 2024 · d5382f2 · d5382f2
1 parent 721bcf7
commit d5382f2
Showing 1 changed file with 8 additions and 3 deletions.
diff --git a/src/server.py b/src/server.py
@@ -60,6 +60,7 @@ def add(self, value):
 
 
 @app.route('/login', methods=['GET'])
+@optional_auth
 def login():
     config_handler = RuntimeConfig("mysochAuth", app.logger)
     tenant = tenant_handler.tenant()
@@ -221,10 +222,14 @@ def login():
         return resp
     else:
         target_query.update({'mysoch:unknownidentity': 1})
+        parts = parts._replace(query=urlencode(target_query))
+        target_url = urlunparse(parts)
+        resp = make_response(redirect(target_url))
 
-    parts = parts._replace(query=urlencode(target_query))
-    target_url = urlunparse(parts)
-    return make_response(redirect(target_url))
+        if identity:
+            unset_jwt_cookies(resp)
+
+        return resp
 
 @app.route('/checklogin', methods=['GET'])
 @optional_auth