From dddef149aea597a145e3717b2c461b251e0f6a8d Mon Sep 17 00:00:00 2001
From: memdmp <memdmp@estrogen.zone>
Date: Wed, 20 Aug 2025 13:39:01 +0200
Subject: feat: oidc attempt 82845345

---
 src/routes/login/undo/+server.ts | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 src/routes/login/undo/+server.ts

(limited to 'src/routes/login/undo/+server.ts')

diff --git a/src/routes/login/undo/+server.ts b/src/routes/login/undo/+server.ts
new file mode 100644
index 0000000..a3559d6
--- /dev/null
+++ b/src/routes/login/undo/+server.ts
@@ -0,0 +1,16 @@
+import * as auth from '$lib/auth.server.js';
+import { error, redirect } from '@sveltejs/kit';
+import * as client from 'openid-client';
+export const GET = async (event) => {
+  const token = event.cookies.get('oid__access_token');
+  if (!token) throw error(403, 'Logout requires an access token!');
+  await client.tokenRevocation(await auth.getConfig(), token);
+  let target =
+    event.url.searchParams.get('next') ?? event.cookies.get('next') ?? '/';
+  if (new URL(target, event.url.href).host !== event.url.host) target = '/';
+  event.cookies.delete('next', {
+    path: '/',
+  });
+  auth.unsetCookies(event.cookies);
+  throw redirect(303, `/login/callback/ok?next=${encodeURIComponent(target)}`);
+};
-- 
cgit v1.2.3