foxia-auth-logout

NestJS module for session revocation via Hydra Backchannel Logout. Supports Single Sign Out (SLO).


Installation

``bash
npm install foxia-auth-logout
`

Quick Start

$3

`typescript
import { SessionRevocationModule } from 'foxia-auth-logout';

@Module({
imports: [
SessionRevocationModule.forRootAsync({
imports: [ConfigModule],
inject: [ConfigService],
useFactory: (config: ConfigService) => ({
redis: {
host: config.get('REDIS_HOST', 'localhost'),
port: config.get('REDIS_PORT', 6379),
},
sidClaim: 'sid', // claim trong JWT chứa session ID
ttl: 86400, // 1 day
}),
}),
],
})
export class AppModule {}
`

$3

`typescript
import { SessionRevocationGuard } from 'foxia-auth-logout';

// Thêm bên cạnh guard auth hiện có
@Controller('users')
@UseGuards(JwtAuthGuard, SessionRevocationGuard)
export class UsersController {}

// Hoặc global
app.useGlobalGuards(
app.get(JwtAuthGuard),
app.get(SessionRevocationGuard),
);
`

$3

`typescript
import { Public } from 'foxia-auth-logout';

@Get('health')
@Public()
health() { return { status: 'ok' }; }
`

Configure Hydra Client

`bash
curl -X PATCH http://hydra-admin:4445/admin/clients/YOUR_CLIENT \
-d '{"backchannel_logout_uri": "https://your-app.com/logout/backchannel"}'
`

How It Works

`
Logout → Hydra → POST /logout/backchannel → Redis (blacklist SID)
↓
Request → Guard decode JWT → SID in blacklist? → 401
``

License

MIT