From 3edd98150cecdf1aaf052be1723ce88bfda50fc9 Mon Sep 17 00:00:00 2001
From: Basti Ortiz <39114273+BastiDood@users.noreply.github.com>
Date: Sat, 10 Aug 2024 18:19:31 +0800
Subject: [PATCH] fix(oauth): disable browser cache when logging in

---
 app/src/routes/oauth/callback/+server.js | 3 ++-
 app/src/routes/oauth/login/+server.js    | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/src/routes/oauth/callback/+server.js b/app/src/routes/oauth/callback/+server.js
index 7517e73..3512972 100644
--- a/app/src/routes/oauth/callback/+server.js
+++ b/app/src/routes/oauth/callback/+server.js
@@ -7,7 +7,8 @@ import { fetchJwks } from 'drap-email/jwks';
 import { jwtVerify } from 'jose';
 import { parse } from 'valibot';
 
-export async function GET({ fetch, locals: { db }, cookies, url: { searchParams } }) {
+export async function GET({ fetch, locals: { db }, cookies, setHeaders, url: { searchParams } }) {
+    setHeaders({ 'Cache-Control': 'no-store' });
     const sid = cookies.get('sid');
     if (typeof sid === 'undefined') redirect(307, '/oauth/login/');
 
diff --git a/app/src/routes/oauth/login/+server.js b/app/src/routes/oauth/login/+server.js
index fcdb62e..b450fc9 100644
--- a/app/src/routes/oauth/login/+server.js
+++ b/app/src/routes/oauth/login/+server.js
@@ -3,7 +3,8 @@ import { error, redirect } from '@sveltejs/kit';
 import { Buffer } from 'node:buffer';
 import GOOGLE from '$lib/server/env/google';
 
-export async function GET({ locals: { db }, cookies, url: { searchParams } }) {
+export async function GET({ locals: { db }, cookies, setHeaders, url: { searchParams } }) {
+    setHeaders({ 'Cache-Control': 'no-store' });
     const sid = cookies.get('sid');
     const hasExtendedScope = searchParams.has('extended');
     if (typeof sid !== 'undefined') {