fix(oauth): disable browser cache when logging in

BastiDood · Aug 10, 2024 · 3edd981 · 3edd981
1 parent 1fbcf16
commit 3edd981
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/app/src/routes/oauth/callback/+server.js b/app/src/routes/oauth/callback/+server.js
@@ -7,7 +7,8 @@ import { fetchJwks } from 'drap-email/jwks';
 import { jwtVerify } from 'jose';
 import { parse } from 'valibot';
 
-export async function GET({ fetch, locals: { db }, cookies, url: { searchParams } }) {
+export async function GET({ fetch, locals: { db }, cookies, setHeaders, url: { searchParams } }) {
+    setHeaders({ 'Cache-Control': 'no-store' });
     const sid = cookies.get('sid');
     if (typeof sid === 'undefined') redirect(307, '/oauth/login/');
 

diff --git a/app/src/routes/oauth/login/+server.js b/app/src/routes/oauth/login/+server.js
@@ -3,7 +3,8 @@ import { error, redirect } from '@sveltejs/kit';
 import { Buffer } from 'node:buffer';
 import GOOGLE from '$lib/server/env/google';
 
-export async function GET({ locals: { db }, cookies, url: { searchParams } }) {
+export async function GET({ locals: { db }, cookies, setHeaders, url: { searchParams } }) {
+    setHeaders({ 'Cache-Control': 'no-store' });
     const sid = cookies.get('sid');
     const hasExtendedScope = searchParams.has('extended');
     if (typeof sid !== 'undefined') {