From 054f970f913962d1bb3b96fbae9a612dfb9e42a9 Mon Sep 17 00:00:00 2001 From: Valentin Tolmer Date: Sun, 23 May 2021 17:06:43 +0200 Subject: [PATCH] Make logout a post request, fix cookie path --- src/infra/auth_service.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/infra/auth_service.rs b/src/infra/auth_service.rs index 4782a2d..eedf9a0 100644 --- a/src/infra/auth_service.rs +++ b/src/infra/auth_service.rs @@ -108,7 +108,7 @@ where .unwrap_or_else(error_to_http_response) } -async fn get_logout( +async fn post_logout( data: web::Data>, request: HttpRequest, ) -> HttpResponse @@ -153,7 +153,7 @@ where .cookie( Cookie::build("refresh_token", "") .max_age(0.days()) - .path("/api/authorize/refresh") + .path("/auth") .http_only(true) .same_site(SameSite::Strict) .finish(), @@ -197,7 +197,7 @@ where .cookie( Cookie::build("refresh_token", refresh_token + "+" + &request.name) .max_age(max_age.num_days().days()) - .path("/api/authorize/refresh") + .path("/auth") .http_only(true) .same_site(SameSite::Strict) .finish(), @@ -305,5 +305,5 @@ where { cfg.service(web::resource("").route(web::post().to(post_authorize::))) .service(web::resource("/refresh").route(web::get().to(get_refresh::))) - .service(web::resource("/logout").route(web::get().to(get_logout::))); + .service(web::resource("/logout").route(web::post().to(post_logout::))); }