diff --git a/js/controllers/login-controller.js b/js/controllers/login-controller.js
index f15705a..599eb0f 100644
--- a/js/controllers/login-controller.js
+++ b/js/controllers/login-controller.js
@@ -126,8 +126,14 @@ app.controller('loginCtrl', [
 };
 vm.signOut = function () {
- Auth.signOut();
- $location.path('/splash-page');
+ // TODO the sign-out url for each account should be fixed.
+ return Auth.signOut().then(function () {
+ if (!Auth.hasSession()) {
+ $location.path('/splash-page');
+ return;
+ }
+ window.alert("You are still logged in with other accounts.");
+ });
 };
 }]);
diff --git a/js/services/auth-service.js b/js/services/auth-service.js
index e94bc15..8afc60e 100644
--- a/js/services/auth-service.js
+++ b/js/services/auth-service.js
@@ -30,7 +30,7 @@ app.factory('Auth', [
 localStorage.setItem(dapName, JSON.stringify(session));
 localStorage.setItem(dapSession, dapName);
- obj[dapName] = true;
+ obj[dapName] = Date.now();
 localStorage.setItem(dapSessions, JSON.stringify(obj));
 }
 , restore: function () {
@@ -54,8 +54,27 @@ app.factory('Auth', [
 return Auth.session;
 }
 , signOut: function () {
- localStorage.clear();
- }
+ var session = Auth.session;
+ var dapName = 'dap-' + session.subject + '|' + session.issuer;
+
+ // TODO logout url should be created upon login and remain fixed throughout the duration of the session (or on session restoration)
+ return Auth.oauth3.logout().then(function () {
+ var obj = JSON.parse(localStorage.getItem(dapSessions) || '{}');
+ delete obj[dapName];
+ var newDapName = Object.keys(obj).sort(function (a, b) { return obj[a] - obj[b]; })[0];
+
+ localStorage.setItem(dapSession, newDapName);
+ localStorage.setItem(dapSessions, JSON.stringify(obj));
+ localStorage.removeItem(dapName);
+
+ if (!newDapName) {
+ localStorage.removeItem(dapSession);
+ }
+
+ return Auth.restore();
+ });
+ // localStorage.clear();
+ }
 , sessions: []
 , session: null
 , oauth3: null
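Review bot: In `vm.signOut` (js/controllers/login-controller.js) the promise returned by `Auth.signOut()` has only a success handler, so a rejected logout leaves the user on the current view with no indication that they are still signed in. Adding a rejection branch such as `.catch(function () { window.alert("Sign-out failed; you may still be logged in."); })` after the `.then(...)` would surface that. If the controller already injects `$window`, calling `$window.alert` instead of the global keeps this testable. The controller body starts outside the hunk, so existing injections are not visible here.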
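Review bot: The new `obj[dapName] = Date.now();` in the first js/services/auth-service.js hunk changes what the stored value means without saying so; a comment such as `// login timestamp; signOut sorts on this to choose the next active session` would document it. Entries written by earlier versions still hold `true`, which the comparator this commit adds to `signOut` coerces to 1, so they sort as the oldest. That comparator sorts ascending and takes `[0]`, so the fallback account is the earliest sign-in; if the most recent one was intended, the comparison should be reversed. The enclosing function starts outside the hunk.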
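Review bot: In `signOut` (second js/services/auth-service.js hunk) all local cleanup runs only inside the success callback of `Auth.oauth3.logout()`, so if that call rejects, the session entry and the `dapSession` pointer stay in localStorage and the user remains signed in locally. Sign-out should fail closed: run the same cleanup on both outcomes, then re-raise the error so the caller can report it. Separately, `Auth.session` is initialised to `null` in the context lines, so `session.subject` throws synchronously when there is no active session; a guard before building `dapName` would avoid that. The sketch below assumes `logout()` returns a standard thenable, which the hunk does not show.

```javascript
var session = Auth.session;
var dapName = 'dap-' + session.subject + '|' + session.issuer;

function forgetLocalSession() {
  // … unchanged: dapSessions update, newDapName selection, setItem/removeItem calls …
  return Auth.restore();
}

// Clear local state whether or not the remote logout succeeded.
return Auth.oauth3.logout().then(forgetLocalSession, function (err) {
  forgetLocalSession();
  throw err;
});
```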