From 9f3fba3000b58c316c562f9664672a9c2776b718 Mon Sep 17 00:00:00 2001
From: Kevin Burnett <18027+burnettk@users.noreply.github.com>
Date: Tue, 31 Oct 2023 08:26:17 -0700
Subject: [PATCH] handle already logged out case more gracefully (#599)

Co-authored-by: burnettk <burnettk@users.noreply.github.com>
---
 .../src/services/UserService.ts                   | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/spiffworkflow-frontend/src/services/UserService.ts b/spiffworkflow-frontend/src/services/UserService.ts
index 9f50c10ca..d6a14a39b 100644
--- a/spiffworkflow-frontend/src/services/UserService.ts
+++ b/spiffworkflow-frontend/src/services/UserService.ts
@@ -11,6 +11,8 @@ import { BACKEND_BASE_URL } from '../config';
 // Some explanation:
 // https://dev.to/nilanth/how-to-secure-jwt-in-a-single-page-application-cko
 
+const SIGN_IN_PATH = '/';
+
 const getCookie = (key: string) => {
   const parsedCookies = cookie.parse(document.cookie);
   if (key in parsedCookies) {
@@ -61,9 +63,16 @@ const getIdToken = () => {
 
 const doLogout = () => {
   const idToken = getIdToken();
-  const redirectUrl = `${window.location.origin}`;
-  const url = `${BACKEND_BASE_URL}/logout?redirect_url=${redirectUrl}&id_token=${idToken}`;
-  window.location.href = url;
+
+  const frontendBaseUrl = window.location.origin;
+  let logoutRedirectUrl = `${BACKEND_BASE_URL}/logout?redirect_url=${frontendBaseUrl}&id_token=${idToken}`;
+
+  // edge case. if the user is already logged out, just take them somewhere that will force them to sign in.
+  if (idToken === null) {
+    logoutRedirectUrl = SIGN_IN_PATH;
+  }
+
+  window.location.href = logoutRedirectUrl;
 };
 
 const getAccessToken = () => {