Clear browser cache when logging out

sillsdev · Nov 21, 2024 · 43747e5 · 43747e5
1 parent 5669ca0
commit 43747e5
Showing 1 changed file with 22 additions and 17 deletions.
diff --git a/frontend/src/hooks.server.ts b/frontend/src/hooks.server.ts
@@ -1,13 +1,13 @@
-import { loadI18n, pickBestLocale } from '$lib/i18n';
-import { AUTH_COOKIE_NAME, getUser, isAuthn } from '$lib/user'
-import { apiVersion } from '$lib/util/version';
-import { redirect, type Handle, type HandleFetch, type HandleServerError, type RequestEvent, type ResolveOptions } from '@sveltejs/kit'
-import { ensureErrorIsTraced, traceRequest, traceFetch } from '$lib/otel/otel.server'
-import { env } from '$env/dynamic/private';
-import { getErrorMessage, validateFetchResponse } from './hooks.shared';
-import { setViewMode } from './routes/(authenticated)/shared';
+import {loadI18n, pickBestLocale} from '$lib/i18n';
+import {AUTH_COOKIE_NAME, getUser, type LexAuthUser} from '$lib/user';
+import {apiVersion} from '$lib/util/version';
+import {redirect, type Handle, type HandleFetch, type HandleServerError, type RequestEvent, type ResolveOptions} from '@sveltejs/kit';
+import {ensureErrorIsTraced, traceRequest, traceFetch} from '$lib/otel/otel.server';
+import {env} from '$env/dynamic/private';
+import {getErrorMessage, validateFetchResponse} from './hooks.shared';
+import {setViewMode} from './routes/(authenticated)/shared';
 import * as setCookieParser from 'set-cookie-parser';
-import { AUTHENTICATED_ROOT, UNAUTHENTICATED_ROOT } from './routes';
+import {AUTHENTICATED_ROOT, UNAUTHENTICATED_ROOT} from './routes';
 
 const PUBLIC_ROUTE_ROOTS = [
   UNAUTHENTICATED_ROOT,
@@ -20,31 +20,35 @@ function getRoot(routeId: string): string {
   return root;
 }
 
-async function initI18n(event: RequestEvent): Promise<void> {
-  const user = event.locals.getUser();
+async function initI18n(event: RequestEvent, user: LexAuthUser | null): Promise<void> {
   const acceptLanguageHeader = event.request.headers.get('Accept-Language');
   // Used for SSR + emails + CSR
   event.locals.activeLocale = pickBestLocale(user?.locale, acceptLanguageHeader);
   await loadI18n();
 }
 
 // eslint-disable-next-line func-style
-export const handle: Handle = ({ event, resolve }) => {
+export const handle: Handle = ({event, resolve}) => {
   console.log(`HTTP request: ${event.request.method} ${event.request.url}`);
   event.locals.getUser = () => getUser(event.cookies);
   return traceRequest(event, async () => {
-    await initI18n(event);
+    const user = event.locals.getUser();
+    await initI18n(event, user);
 
     const options: ResolveOptions = {
       filterSerializedResponseHeaders: () => true,
     }
 
-    const { cookies, route: { id: routeId } } = event;
+    const {cookies, route: {id: routeId}} = event;
     if (!routeId) {
       redirect(307, '/');
     } else if (PUBLIC_ROUTE_ROOTS.includes(getRoot(routeId))) {
-      return resolve(event, options);
-    } else if (!isAuthn(cookies)) {
+      const response = await resolve(event, options);
+      if (routeId.endsWith('/logout')) {
+        response.headers.set('Clear-Site-Data', '"cache"');
+      }
+      return response;
+    } else if (!user) {
       const relativePath = event.url.href.substring(event.url.origin.length);
       if (relativePath !== '/')
         redirect(307, `/login?ReturnUrl=${encodeURIComponent(relativePath)}`);
@@ -57,7 +61,8 @@ export const handle: Handle = ({ event, resolve }) => {
     }
 
     return resolve(event, options);
-  })
+  });
+
 };
 
 // eslint-disable-next-line func-style