feat(SW-162): Used token instead of cookie

2024-08-09 17:45:29 +02:00
parent e7f7fb286e
commit 51df6bfd34
5 changed files with 44 additions and 70 deletions
--- a/app/[lang]/(live)/(protected)/logout/route.ts
+++ b/app/[lang]/(live)/(protected)/logout/route.ts
@@ -1,5 +1,5 @@
 import { createActionURL } from "@auth/core"
-import { cookies, headers as nextHeaders } from "next/headers"
+import { headers as nextHeaders } from "next/headers"
 import { NextRequest, NextResponse } from "next/server"
 import { AuthError } from "next-auth"

@@ -63,8 +63,6 @@ export async function GET(
    console.log({ logout_NEXTAUTH_URL: process.env.NEXTAUTH_URL })
    console.log({ logout_env: process.env })

-    const cookieStore = cookies()
-    cookieStore.set("_MFA-validated-cookie", "", { maxAge: 0 })
    const headers = new Headers(nextHeaders())
    const signOutURL = createActionURL(
      "signout",
--- a/app/[lang]/(live)/(public)/login/route.ts
+++ b/app/[lang]/(live)/(public)/login/route.ts
@@ -86,16 +86,34 @@ export async function GET(
    console.log({ login_env: process.env })

    console.log({ login_redirectTo: redirectTo })
-    const signInProvider = isMFA ? "curity-mfa" : "curity"
+    const params = isMFA
+      ? {
+          ui_locales: context.params.lang,
+          scope: ["profile_update", "openid", "profile"].join(" "),
+          /**
+           * The below acr value is required as for New Web same Curity Client is used for MFA
+           * while in current web it is being setup using different Curity Client
+           */
+          acr_values:
+            "urn:se:curity:authentication:otp-authenticator:OTP-Authenticator_web",
+        }
+      : {
+          ui_locales: context.params.lang,
+          scope: ["openid", "profile"].join(" "),
+          /**
+           * The `acr_values` param is used to make Curity display the proper login
+           * page for Scandic. Without the parameter Curity presents some choices
+           * to the user which we do not want.
+           */
+          acr_values: "acr",
+        }
    const redirectUrl = await signIn(
-      signInProvider,
+      "curity",
      {
        redirectTo,
        redirect: false,
      },
-      {
-        ui_locales: context.params.lang,
-      }
+      params
    )

    if (redirectUrl) {