feat(core): auto sign-out (#1369)

* feat(core): auto sign-out

* fix(core): path when start from root

* refactor(core): per review

packages/core/src/database/seed.ts

@@ -2,15 +2,12 @@ import { readdir, readFile } from 'fs/promises';
 import path from 'path';
 
 import { SchemaLike, seeds } from '@logto/schemas';
-import { conditionalString } from '@silverhand/essentials';
 import chalk from 'chalk';
 import decamelize from 'decamelize';
 import { createPool, parseDsn, sql, stringifyDsn } from 'slonik';
 import { createInterceptors } from 'slonik-interceptor-preset';
 import { raw } from 'slonik-sql-tag-raw';
 
-import { fromRoot } from '@/env-set/parameters';
-
 import { convertToPrimitiveOrSql } from './utils';
 
 const {
@@ -20,8 +17,7 @@ const {
   createDemoAppApplication,
   defaultRole,
 } = seeds;
-const tableDirectory =
-  conditionalString(fromRoot && 'packages/core/') + 'node_modules/@logto/schemas/tables';
+const tableDirectory = 'node_modules/@logto/schemas/tables';
 
 export const replaceDsnDatabase = (dsn: string, databaseName: string): string =>
   stringifyDsn({ ...parseDsn(dsn), databaseName });

packages/core/src/env-set/dot-env.ts

@@ -9,10 +9,9 @@ export const appendDotEnv = (key: string, value: string) => {
 };
 
 export const configDotEnv = () => {
-  // Started from project root, change working directory
   if (fromRoot) {
-    process.chdir('../..');
+    dotenv.config({ path: '../../.env' });
+  } else {
+    dotenv.config();
   }
-
-  dotenv.config();
 };

packages/core/src/middleware/koa-spa-proxy.ts

@@ -6,7 +6,6 @@ import proxy from 'koa-proxies';
 import { IRouterParamContext } from 'koa-router';
 
 import envSet, { MountedApps } from '@/env-set';
-import { fromRoot } from '@/env-set/parameters';
 import serveStatic from '@/middleware/koa-serve-static';
 
 export default function koaSpaProxy<StateT, ContextT extends IRouterParamContext, ResponseBodyT>(
@@ -16,8 +15,7 @@ export default function koaSpaProxy<StateT, ContextT extends IRouterParamContext
 ): MiddlewareType<StateT, ContextT, ResponseBodyT> {
   type Middleware = MiddlewareType<StateT, ContextT, ResponseBodyT>;
 
-  const packagesPath = fromRoot ? 'packages/' : '..';
-  const distPath = path.join(packagesPath, packagePath, 'dist');
+  const distPath = path.join('..', packagePath, 'dist');
 
   const spaProxy: Middleware = envSet.values.isProduction
     ? serveStatic(distPath)

packages/core/src/oidc/init.ts

@@ -1,5 +1,7 @@
 /* istanbul ignore file */
 
+import { readFileSync } from 'fs';
+
 import { CustomClientMetadataKey } from '@logto/schemas';
 import { exportJWK } from 'jose';
 import Koa from 'koa';
@@ -18,6 +20,7 @@ import { addOidcEventListeners } from '@/utils/oidc-provider-event-listener';
 export default async function initOidc(app: Koa): Promise<Provider> {
   const { issuer, cookieKeys, privateKey, defaultIdTokenTtl, defaultRefreshTokenTtl } =
     envSet.values.oidc;
+  const logoutSource = readFileSync('static/html/logout.html', 'utf-8');
 
   const keys = [await exportJWK(privateKey)];
   const cookieConfig = Object.freeze({
@@ -43,6 +46,12 @@ export default async function initOidc(app: Koa): Promise<Provider> {
       userinfo: { enabled: false },
       revocation: { enabled: true },
       devInteractions: { enabled: false },
+      rpInitiatedLogout: {
+        logoutSource: (ctx, form) => {
+          // eslint-disable-next-line no-template-curly-in-string
+          ctx.body = logoutSource.replace('${form}', form);
+        },
+      },
       // https://github.com/panva/node-oidc-provider/blob/main/docs/README.md#featuresresourceindicators
       resourceIndicators: {
         enabled: true,

packages/core/static/html/logout.html

@@ -0,0 +1,13 @@
+<!-- https://github.com/panva/node-oidc-provider/blob/main/docs/README.md#logoutsource -->
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Sign Out</title>
+</head>
+<body onload="document.getElementById('op.logoutForm').submit();">
+  ${form}
+  <input type="hidden" form="op.logoutForm" value="yes" name="logout" />
+</body>
+</html>