Comments (5)
vaunus
commented on July 30, 2024
1
@vigneshprabhud you need to setup a logout uri as part of your lambda logic and then do a 302 redirect and clear the cookies as part of that same lambda response.
Something like this:
const { request } = event.Records[0].cf
if (request.uri === '/logout') {
const location = `https://${userPoolDomain}/logout?redirect_uri=${url.origin}&response_type=code&client_id=${userPoolAppId}&state=${state}`
const response = {
status: '302',
headers: {
location: [{ key: 'Location', value: location }],
'set-cookie': [
`cookie1=; Domain=${cookieDomain}; Expires=${new Date(0)}; Secure`,
`cookie2=; Domain=${cookieDomain}; Expires=${new Date(0)}; Secure`
]
}
}
}
Hope that helps!
from cognito-at-edge.
jeandek
commented on July 30, 2024
Hi Vaughan, I'm glad that this package is useful for you, but I don't think what you are describing is a good fit.
Logging out and invalidating Cognito tokens should be handled by your application. For example, it can be done using the Amplify framework. You can also write your own implementation that calls the Cognito LOGOUT endpoint if you don't want or can't use Amplify, but it should live client-side. From a Lambda function, it would not be possible to clear the user's cookies.
Please tell me if I'm missing something.
from cognito-at-edge.
vaunus
commented on July 30, 2024
No problem @jeandek I will adapt our own custom lambda for these purposes then.
FYI it is definitely possible to clear cookies via the lambda. I already have this working via my POC lambda. Just set Expires=Thu Jan 01 1970 00:00:00 GMT+0000 (Coordinated Universal Time); or some other date in the past. I believe this is how cookies are expired server side anyway.
Anyway, I will close the issue for now, thanks for getting back to me 👍🏻
from cognito-at-edge.
jeandek
commented on July 30, 2024
TIL, I did not know about expiring cookies from the server.
I discussed your request with the team and we agreed that it could be a useful feature to have in some environments. The implementation you described in the original post also would not increase the package's complexity unreasonably. If you're willing to submit a PR, we'd be happy to review it.
from cognito-at-edge.
vigneshprabhud
commented on July 30, 2024
@vaunus I have the same problem as you mentioned. How did to manage to clear cookies and redirect to logout url of Cognito? Is there a snippet that you could share? thanks.
from cognito-at-edge.
Related Issues (20)
- CORS error while redirecting
- Read PoolId, clientId from Secrets manager HOT 5
- login redirect with custom state does not work properly HOT 2
- How to get the logged in user in the application HOT 3
- Configurable cookie domains
- Mitigate CSRF attacks
- Make handler methods public
- purpose of disableCookieDomain - as will default to origin domain? HOT 1
- Redirect loop after refresh fetch caused by cookie path HOT 6
- Using cognito-at-edge as a layer on a lambda@edge function HOT 1
- Use as API Gateway Authorizer
- Maintaining Query String HOT 1
- Refresh functionality should not redirect on SPA applications
- Why is the authorization endpoint `/authorize` and not `/oauth2/authorize` ?
- Add `esModuleInterop = true` in tsconfig.json to enable bundle with Vite
- logoutUri does not log out user completely? HOT 4
- Client-side tokens and Error 502 clarification
- Consider using HTTP 307 instead of HTP 302 HOT 1
- TypeError - Cannot read properties of undefined (reading 'querystring')
- 503 ERROR due lambda timeout after tokens are fetched HOT 21
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cognito-at-edge.