Add new env var AUTH_OIDC_REDIRECT_LOGOUT for OIDC logout

[yulinhuang]

Description

Current behaviour:

I have setup homarr and oidc keycloak following the SSO section from the doc. It works well, I can log in with keycloak realm accounts, with or without admin right.

However when logging out from homarr, it doesn't logout the session from keycloak. Trying to login again it will login directly with previous user while not asking for user credentials.

Suggestion:

Adding an env var AUTH_OIDC_REDIRECT_LOGOUT that user can set up specific oidc logout url with docker compose envs.

Please tick the boxes

• [X] You've read the docs
• [X] You've checked for duplicate issues

[github-actions[bot]]

Hi 👋. Thank you for submitting your first issue to Homarr. Please ensure that you've provided all nessesary information. You can use the three dots > Edit button to update your post with additional images and information. Depending on the current volume of requests, the team should get in conact with you shortly.

[ajnart]

@yulinhuang I believe you might be able to do this yourself ! You can probably ask ChatGPT / GitHub Copilot for help. Take a look at this pr to see how it's done. Then you can submit yours, having a PR on the docs as well (https://github.com/homarr-labs/documentation/pull/65) would be extra nice. Good luck with it 😉

[yulinhuang]

@ajnart I may need some enlightment as I'm not familiar with front-end and js devlopment.

Here is my thought process:

1. Add an env var
2. modification in AvatarMenu.tsx
   • Access env var
   • modify logout on click to redirect to env var

It appears that AvatarMenu is executed on client side so I can not access directly the env var from the server side. So I modify the env var with NEXT_PUBLIC prefix, declare it in .env, build the project from source and it works locally with yarn start. Not sure this workaround is appropriate since other OIDC env are on server side.

Besides, when I try to build the docker image and use the docker container while declaring the env var, it doesn't seem to work properly.

1. docker image build from project Dockerfile
   • It seems the server is always taking the value define in local .env file, and not able to read from docker env.
2. I also tried to use the image build by github action
   • It seems the env var value is always undefined

Any suggestion?

[ajnart]

• The GitHub action will be undefined because these values need to be set in the settings of the project

• Try yarn build then docker build to create the image, but it's normal that the local .env takes priority, it's not there on GitHub actions

• You're right the logout in the Avatar is client-side. I think you might want to look at our middleware file / next auth files to see how the login process in handled and plugging a new fonction that would execute when the user logs out (on the server)

This would make it so that every logout button applies your intended fix.

Other than that I think your thought process it good 😉

[SeDemal]

@yulinhuang I'm currently working on adding a few env variables for session expiry. I can work this in if you want. If you want to do it now though, I would understand and appreciate having a new contributor :) Btw your research process is on point. it's 3 lines of code, all corresponding on what you said. Haven't done it nor tested it so maybe not, but from what I researched that's pretty much it.

[yulinhuang]

@SeDemal Thx for the proposition. Yes please work on it if you can. I feel like I'm doning something nasty when modifying in middleware files.