From aa8f87153958feb56b7b27720d6d3dcfd48ae55f Mon Sep 17 00:00:00 2001
From: Mart van Santen <mart@greenhost.nl>
Date: Thu, 8 Jun 2023 14:37:47 +0800
Subject: [PATCH] Handle local storage cookie

---
 backend/areas/auth/auth.py       |  4 +++-
 backend/web/login/login.py       |  6 ++++--
 backend/web/templates/clear.html | 14 ++++++++++++++
 3 files changed, 21 insertions(+), 3 deletions(-)
 create mode 100644 backend/web/templates/clear.html

diff --git a/backend/areas/auth/auth.py b/backend/areas/auth/auth.py
index c972752e..5ea14d93 100644
--- a/backend/areas/auth/auth.py
+++ b/backend/areas/auth/auth.py
@@ -36,8 +36,10 @@ def hydra_callback():
         if i["traits"]["email"] == user_info["email"]:
             identity = i
 
+    # Short lifetime for token. If the session is still active, it will be
+    # automatically renewed via Hydra.
     access_token = create_access_token(
-        identity=token, expires_delta=timedelta(days=365), additional_claims={"user_id": identity["id"]}
+        identity=token, expires_delta=timedelta(hours=1), additional_claims={"user_id": identity["id"]}
     )
 
     apps = App.query.all()
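Review bot: Tokens already issued with the previous `timedelta(days=365)` lifetime remain valid until their own expiry, so the new `timedelta(hours=1)` only bounds tokens minted after this change is deployed. Unless the signing key is rotated or older tokens are rejected elsewhere (not visible in this hunk), a token stored in a browser before the upgrade can still be used for up to a year. The added comment also relies on renewal through Hydra, which this hunk does not show. I would extend it to name where the renewal happens and add a line such as `# NOTE: tokens issued before this change keep their 365-day expiry; rotate the JWT signing key on deploy to invalidate them.` The body of hydra_callback starts and ends outside the hunk.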
diff --git a/backend/web/login/login.py b/backend/web/login/login.py
index e2855721..e03b03ed 100644
--- a/backend/web/login/login.py
+++ b/backend/web/login/login.py
@@ -580,7 +580,8 @@ def logout():
     if not kratos_cookie:
         # No kratos cookie, already logged out
         current_app.logger.info("Expected kratos cookie but not found. Redirecting to login");
-        return redirect("login")
+        return render_template("clear.html",
+            url="login")
 
     try:
         # Create a Logout URL for Browsers
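Review bot: The switch from `redirect("login")` to `render_template("clear.html", url="login")` is not explained at the call site, and a reader will not expect a logout handler to answer with a 200 page instead of a redirect. A short comment above the return would make the intent clear, for example `# clear.html removes the "persist:root" localStorage entry, then navigates to url`. The redirect now depends on the browser running the script in that template, which is worth stating in the same comment. The body of logout() continues outside the hunk.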
@@ -592,7 +593,8 @@ def logout():
         current_app.logger.error("Exception when calling"
             " create_self_service_logout_flow_url_for_browsers: %s\n",
             ex)
-    return redirect(kratos_api_response.logout_url)
+    return render_template("clear.html",
+            url=kratos_api_response.logout_url)
 
 
 if DEMO_INSTANCE:
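Review bot: When `create_self_service_logout_flow_url_for_browsers` raises, the handler at the top of this hunk only logs, and control then falls through to `kratos_api_response.logout_url`. From the visible lines `kratos_api_response` appears never to be assigned on that path, so logout would end in an unhandled error and clear.html would not be rendered, leaving the local storage entry in place. Returning from the except branch, e.g. `return render_template("clear.html", url="login")`, would still clear the stored state and send the user to the login page. The try block begins outside this hunk, so please confirm that nothing assigns the variable earlier.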
diff --git a/backend/web/templates/clear.html b/backend/web/templates/clear.html
new file mode 100644
index 00000000..c1a37ddb
--- /dev/null
+++ b/backend/web/templates/clear.html
@@ -0,0 +1,14 @@
+{% extends 'base.html' %}
+
+{% block content %}
+
+<script>
+    // Wipe the local storage
+    localStorage.removeItem("persist:root");
+    // Redirect
+    window.location = '{{ url }}';
+</script>
+
+Redirecting ...
+
+{% endblock %}
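Review bot: `window.location = '{{ url }}';` places a template value inside a JavaScript string, where Jinja's HTML autoescaping is the wrong encoding. Entities are not decoded inside `<script>`, so a URL containing `&` arrives as `&amp;` and the redirect target is corrupted, and HTML escaping does not neutralise backslashes or line breaks in a JS string. Using Flask's JSON filter and dropping the quotes fixes both: `window.location = {{ url|tojson }};`. The two callers in this patch pass `"login"` and the Kratos logout URL, so this is a hardening and correctness point rather than a demonstrated injection. It would also help to add a `<noscript>` fallback link to the same URL so that logout still completes when scripts are blocked.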
-- 
GitLab