clearSessionAndSetCookies deletes the refresh token and sets expired cookies on the response headers.
(ctx context.Context, reqHeaders http.Header, respHeaders http.Header, workspaceID string)
| 414 | |
| 415 | // clearSessionAndSetCookies deletes the refresh token and sets expired cookies on the response headers. |
| 416 | func (s *AuthService) clearSessionAndSetCookies(ctx context.Context, reqHeaders http.Header, respHeaders http.Header, workspaceID string) { |
| 417 | if refreshToken := auth.GetRefreshTokenFromCookie(reqHeaders); refreshToken != "" { |
| 418 | if err := s.store.DeleteWebRefreshToken(ctx, auth.HashToken(refreshToken)); err != nil { |
| 419 | slog.Error("failed to delete refresh token", log.BBError(err)) |
| 420 | } |
| 421 | } |
| 422 | origin := reqHeaders.Get("Origin") |
| 423 | respHeaders.Add("Set-Cookie", auth.GetTokenCookie(ctx, s.store, s.licenseService, workspaceID, origin, "").String()) |
| 424 | respHeaders.Add("Set-Cookie", auth.GetRefreshTokenCookie(origin, "", 0).String()) |
| 425 | } |
| 426 | |
| 427 | // Refresh exchanges a refresh token for new access and refresh tokens. |
| 428 | func (s *AuthService) Refresh(ctx context.Context, req *connect.Request[v1pb.RefreshRequest]) (*connect.Response[v1pb.RefreshResponse], error) { |
no test coverage detected