backend/feature/auth/src/framework/web/auth_web_routes.rs

@@ -8,6 +8,10 @@ use crate::{
     application::error::auth_error::AuthError,
 };
 
+const SESSION_KEY_AUTH_STATE: &str = "auth_state";
+const SESSION_KEY_AUTH_NONCE: &str = "auth_nonce";
+const SESSION_KEY_USER: &str = "user";
+
 pub fn configure_auth_routes(cfg: &mut web::ServiceConfig) {
     cfg.service(
         web::scope("/auth")
@@ -25,11 +29,11 @@ async fn oidc_login_handler(
 
     match result {
         Ok(auth_url) => {
-            if let Err(e) = session.insert("auth_state", auth_url.state) {
+            if let Err(e) = session.insert(SESSION_KEY_AUTH_STATE, auth_url.state) {
                 log::error!("{e:?}");
                 return HttpResponse::InternalServerError().finish();
             }
-            if let Err(e) = session.insert("auth_nonce", auth_url.nonce) {
+            if let Err(e) = session.insert(SESSION_KEY_AUTH_NONCE, auth_url.nonce) {
                 log::error!("{e:?}");
                 return HttpResponse::InternalServerError().finish();
             }
@@ -49,12 +53,12 @@ async fn oidc_callback_handler(
     query: web::Query<OidcCallbackQueryDto>,
     session: Session,
 ) -> impl Responder {
-    let expected_state: String = match session.get("auth_state") {
+    let expected_state: String = match session.get(SESSION_KEY_AUTH_STATE) {
         Ok(Some(state)) => state,
         _ => return HttpResponse::BadRequest().finish(),
     };
 
-    let expected_nonce: String = match session.get("auth_nonce") {
+    let expected_nonce: String = match session.get(SESSION_KEY_AUTH_NONCE) {
         Ok(Some(nonce)) => nonce,
         _ => return HttpResponse::BadRequest().finish(),
     };
@@ -63,11 +67,11 @@ async fn oidc_callback_handler(
         .oidc_callback(query.into_inner(), &expected_state, &expected_nonce)
         .await;
 
-    session.remove("auth_state");
+    session.remove(SESSION_KEY_AUTH_STATE);
-    session.remove("auth_nonce");
+    session.remove(SESSION_KEY_AUTH_NONCE);
     match result {
         Ok(user) => {
-            if let Err(e) = session.insert("user", user) {
+            if let Err(e) = session.insert(SESSION_KEY_USER, user) {
                 log::error!("{e:?}");
                 return HttpResponse::InternalServerError().finish();
             }
@@ -87,6 +91,11 @@ async fn oidc_callback_handler(
     }
 }
 
-async fn logout_handler() -> impl Responder {
+async fn logout_handler(session: Session) -> impl Responder {
-    HttpResponse::Ok().finish()
+    session.remove(SESSION_KEY_AUTH_STATE);
+    session.remove(SESSION_KEY_AUTH_NONCE);
+    session.remove(SESSION_KEY_USER);
+    HttpResponse::Found()
+        .append_header((header::LOCATION, "/"))
+        .finish()
 }