From 4045eee57dc02f5ffdc9a6fec89df78f7c1c6368 Mon Sep 17 00:00:00 2001
From: jaebradley <jae.b.bradley@gmail.com>
Date: Wed, 16 May 2018 10:19:33 -0400
Subject: [PATCH] Remove cookies when retiring user

---
 .../StudentAccountDeletionModal.jsx           |  2 ++
 .../components/removeLoggedInCookies.js       | 30 +++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 lms/static/js/student_account/components/removeLoggedInCookies.js

diff --git a/lms/static/js/student_account/components/StudentAccountDeletionModal.jsx b/lms/static/js/student_account/components/StudentAccountDeletionModal.jsx
index 8fadf5e1843..c252e678d77 100644
--- a/lms/static/js/student_account/components/StudentAccountDeletionModal.jsx
+++ b/lms/static/js/student_account/components/StudentAccountDeletionModal.jsx
@@ -6,6 +6,7 @@ import { Button, Modal, Icon, InputText, StatusAlert } from '@edx/paragon/static
 import StringUtils from 'edx-ui-toolkit/js/utils/string-utils';
 
 import { deactivate } from '../AccountsClient';
+import removeLoggedInCookies from './removeLoggedInCookies';
 
 class StudentAccountDeletionConfirmationModal extends React.Component {
   constructor(props) {
@@ -29,6 +30,7 @@ class StudentAccountDeletionConfirmationModal extends React.Component {
   handleConfirmationModalClose() {
     this.props.onClose();
 
+    removeLoggedInCookies();
     window.location.href = 'https://www.edx.org';
   }
 
diff --git a/lms/static/js/student_account/components/removeLoggedInCookies.js b/lms/static/js/student_account/components/removeLoggedInCookies.js
new file mode 100644
index 00000000000..f8cc18da3bd
--- /dev/null
+++ b/lms/static/js/student_account/components/removeLoggedInCookies.js
@@ -0,0 +1,30 @@
+import cookie from 'js-cookie';
+
+const removeLoggedInCookies = () => {
+  const hostname = window.location.hostname;
+  const isLocalhost = hostname.indexOf('localhost') >= 0;
+  const isStage = hostname.indexOf('stage') >= 0;
+
+  let domain = '.edx.org';
+  if (isLocalhost) {
+    domain = 'localhost';
+  } else if (isStage) {
+    domain = '.stage.edx.org';
+  }
+
+  cookie.remove('edxloggedin', { domain });
+
+  if (isLocalhost) {
+    // localhost doesn't have prefixes
+    cookie.remove('csrftoken', { domain });
+    cookie.remove('edx-user-info', { domain });
+  } else {
+    // does not take sandboxes into account
+    const prefix = isStage ? 'stage' : 'prod';
+    // both stage and prod csrf tokens are set to .edx.org
+    cookie.remove(`${prefix}-edx-csrftoken`, { domain: '.edx.org' });
+    cookie.remove(`${prefix}-edx-user-info`, { domain });
+  }
+};
+
+export default removeLoggedInCookies;
-- 
GitLab