fix: delete AgentConnect cookies instead of nullify

This commit is contained in:
simon lehericey 2024-03-19 14:41:41 +01:00
parent 759d729bf3
commit bdcc65ff4a

View file

@ -20,7 +20,7 @@ class AgentConnect::AgentController < ApplicationController
def callback
user_info, id_token = AgentConnectService.user_info(params[:code], cookies.encrypted[NONCE_COOKIE_NAME])
cookies.encrypted[NONCE_COOKIE_NAME] = nil
cookies.delete NONCE_COOKIE_NAME
instructeur = Instructeur.find_by(agent_connect_id: user_info['sub'])
@ -69,7 +69,7 @@ class AgentConnect::AgentController < ApplicationController
flash.alert = t('errors.messages.france_connect.connexion')
redirect_to(new_user_session_path)
else
cookies.encrypted[STATE_COOKIE_NAME] = nil
cookies.delete STATE_COOKIE_NAME
end
end
end