Implement Password Grant Flow for Authentication and Enhance User Experience
- Introduced Password Grant Flow for user authentication, allowing direct login with email and password. - Updated `useAuth` composable to manage login and logout processes, including Single Sign-Out from Cidaas. - Enhanced user interface with a new `UserMenu` component displaying user information and logout functionality. - Updated homepage to show personalized greetings for logged-in users and a login prompt for guests. - Added logout confirmation page with a countdown redirect to the homepage. - Documented the implementation details and future enhancements for OAuth2 flows in CLAUDE.md and other relevant documentation. - Added test credentials and guidelines for automated testing in the new TESTING.md file.
This commit is contained in:
Bastian Masanek
@@ -82,6 +82,7 @@ export default defineEventHandler(async (event) => {
|
||||
firstName: user.firstName,
|
||||
lastName: user.lastName,
|
||||
},
|
||||
accessToken: tokens.access_token, // Store for logout
|
||||
loggedInAt: new Date().toISOString(),
|
||||
})
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
/**
|
||||
* POST /api/auth/logout
|
||||
*
|
||||
* End user session and clear session cookie
|
||||
* End user session and perform Single Sign-Out at Cidaas
|
||||
*
|
||||
* Response:
|
||||
* {
|
||||
@@ -12,13 +12,34 @@
|
||||
*/
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
// Clear session (nuxt-auth-utils)
|
||||
await clearUserSession(event)
|
||||
try {
|
||||
// 1. Get session to retrieve access token
|
||||
const session = await getUserSession(event)
|
||||
|
||||
// Optional: Revoke Cidaas tokens (Single Sign-Out)
|
||||
// This would require storing refresh_token in session and calling Cidaas revoke endpoint
|
||||
// 2. If access token exists, logout from Cidaas (Single Sign-Out)
|
||||
if (session.accessToken) {
|
||||
try {
|
||||
await logoutFromCidaas(session.accessToken)
|
||||
} catch (error) {
|
||||
// Log error but continue with local logout
|
||||
console.error('Cidaas logout failed, continuing with local logout:', error)
|
||||
}
|
||||
}
|
||||
|
||||
return {
|
||||
success: true,
|
||||
// 3. Clear local session (nuxt-auth-utils)
|
||||
await clearUserSession(event)
|
||||
|
||||
return {
|
||||
success: true,
|
||||
}
|
||||
} catch (error) {
|
||||
console.error('Logout error:', error)
|
||||
|
||||
// Clear session even if Cidaas logout fails
|
||||
await clearUserSession(event)
|
||||
|
||||
return {
|
||||
success: true, // Always return success for logout
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
18
server/api/test/credentials.get.ts
Normal file
18
server/api/test/credentials.get.ts
Normal file
@@ -0,0 +1,18 @@
|
||||
/**
|
||||
* GET /api/test/credentials
|
||||
*
|
||||
* Returns test user credentials for automated testing
|
||||
*
|
||||
* ⚠️ SECURITY: This endpoint is ONLY available in development mode.
|
||||
* It returns 404 in production to prevent credential exposure.
|
||||
*
|
||||
* Usage in tests:
|
||||
* ```typescript
|
||||
* const response = await fetch('http://localhost:3000/api/test/credentials')
|
||||
* const { email, password } = await response.json()
|
||||
* ```
|
||||
*/
|
||||
|
||||
import { createTestCredentialsEndpoint } from '../../utils/test-helpers'
|
||||
|
||||
export default createTestCredentialsEndpoint()
|
||||
Reference in New Issue
Block a user