Fix log out from user menu not working on Safari (#31402)

2024-08-13 19:49:23 +02:00 · 2024-08-13 19:49:23 +02:00 · c3e1d86d58
commit c3e1d86d58
parent 2b1670da48
5 changed files with 102 additions and 34 deletions
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -187,4 +187,15 @@ class Auth::SessionsController < Devise::SessionsController
  def second_factor_attempts_key(user)
    "2fa_auth_attempts:#{user.id}:#{Time.now.utc.hour}"
  end
+
+  def respond_to_on_destroy
+    respond_to do |format|
+      format.json do
+        render json: {
+          redirect_to: after_sign_out_path_for(resource_name),
+        }, status: 200
+      end
+      format.all { super }
+    end
+  end
 end
--- a/app/javascript/mastodon/features/ui/components/confirmation_modals/log_out.tsx
+++ b/app/javascript/mastodon/features/ui/components/confirmation_modals/log_out.tsx
@ -25,7 +25,7 @@ export const ConfirmLogOutModal: React.FC<BaseConfirmationModalProps> = ({
  const intl = useIntl();

  const onConfirm = useCallback(() => {
-    logOut();
+    void logOut();
  }, []);

  return (
--- a/app/javascript/mastodon/utils/log_out.ts
+++ b/app/javascript/mastodon/utils/log_out.ts
@ -1,36 +1,20 @@
-export const logOut = () => {
-  const form = document.createElement('form');
+import api from 'mastodon/api';

-  const methodInput = document.createElement('input');
-  methodInput.setAttribute('name', '_method');
-  methodInput.setAttribute('value', 'delete');
-  methodInput.setAttribute('type', 'hidden');
-  form.appendChild(methodInput);
+export async function logOut() {
+  try {
+    const response = await api(false).delete<{ redirect_to?: string }>(
+      '/auth/sign_out',
+      { headers: { Accept: 'application/json' }, withCredentials: true },
+    );

-  const csrfToken = document.querySelector<HTMLMetaElement>(
-    'meta[name=csrf-token]',
-  );
-
-  const csrfParam = document.querySelector<HTMLMetaElement>(
-    'meta[name=csrf-param]',
-  );
-
-  if (csrfParam && csrfToken) {
-    const csrfInput = document.createElement('input');
-    csrfInput.setAttribute('name', csrfParam.content);
-    csrfInput.setAttribute('value', csrfToken.content);
-    csrfInput.setAttribute('type', 'hidden');
-    form.appendChild(csrfInput);
+    if (response.status === 200 && response.data.redirect_to)
+      window.location.href = response.data.redirect_to;
+    else
+      console.error(
+        'Failed to log out, got an unexpected non-redirect response from the server',
+        response,
+      );
+  } catch (error) {
+    console.error('Failed to log out, response was an error', error);
  }
-
-  const submitButton = document.createElement('input');
-  submitButton.setAttribute('type', 'submit');
-  form.appendChild(submitButton);
-
-  form.method = 'post';
-  form.action = '/auth/sign_out';
-  form.style.display = 'none';
-
-  document.body.appendChild(form);
-  submitButton.click();
-};
+}