fix(v1): remove api token from cookies

kinde-oss · Oct 3, 2024 · 12a9663 · 12a9663
1 parent 61cdffc
commit 12a9663
Showing 1 changed file with 15 additions and 19 deletions.
diff --git a/src/api-client.js b/src/api-client.js
@@ -29,25 +29,21 @@ export const createKindeManagementAPIClient = async (req, res) => {
   let apiToken = null;
 
   const store = sessionManager(req, res);
-  const tokenFromCookie = store.getSessionItem('kinde_api_access_token');
-  if (isTokenValid(tokenFromCookie)) {
-    apiToken = tokenFromCookie;
-  } else {
-    const response = await fetch(`${config.issuerURL}/oauth2/token`, {
-      method: 'POST',
-      headers: {
-        'content-type': 'application/x-www-form-urlencoded'
-      },
-      body: new URLSearchParams({
-        grant_type: 'client_credentials',
-        client_id: config.clientID,
-        client_secret: config.clientSecret,
-        audience: config.audience
-      })
-    });
-    apiToken = (await response.json()).access_token;
-    store.setSessionItem('kinde_api_access_token', apiToken);
-  }
+  store.removeSessionItem('kinde_api_access_token');
+
+  const response = await fetch(`${config.issuerURL}/oauth2/token`, {
+    method: 'POST',
+    headers: {
+      'content-type': 'application/x-www-form-urlencoded'
+    },
+    body: new URLSearchParams({
+      grant_type: 'client_credentials',
+      client_id: config.clientID,
+      client_secret: config.clientSecret,
+      audience: config.audience
+    })
+  });
+  apiToken = (await response.json()).access_token;
 
   const cfg = new Configuration({
     basePath: config.issuerURL,