From 316100c46cd5b453103248217622ca4bb9623fb5 Mon Sep 17 00:00:00 2001
From: Alberto Perdomo <alberto.perdomo@gmail.com>
Date: Fri, 27 Oct 2023 17:21:01 +0100
Subject: [PATCH 1/2] Implement single logout

---
 index.js | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/index.js b/index.js
index bee0f8f..733c83f 100644
--- a/index.js
+++ b/index.js
@@ -140,11 +140,16 @@ app.get("/analytics", restrict, function (req, res) {
 });
 
 app.get("/logout", function (req, res) {
-    // destroy the user's session to log them out
-    // will be re-created next request
-    req.session.destroy(function () {
-        res.redirect("/");
-    });
+  const mbLogoutUrl = new URL("/auth/logout", METABASE_SITE_URL);
+  
+  // destroy the user's session to log them out
+  // will be re-created next request
+  req.session.destroy(function () {
+    // sign user out of Metabase by loading /auth/logout in a hidden iframe
+    res.send(`
+      You have been logged out. <a href="/login">Log in</a>
+      <iframe src="${mbLogoutUrl}" hidden></iframe>`);
+  });
 });
 
 app.get("/login", function (req, res) {

From 2002715db3d187c783db7f99be3829b44708ff60 Mon Sep 17 00:00:00 2001
From: Alberto Perdomo <alberto.perdomo@gmail.com>
Date: Fri, 27 Oct 2023 18:35:05 +0100
Subject: [PATCH 2/2] Replace legacy url Node module with new URL API, bringing
 it in-line with the Quickstart

---
 index.js | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/index.js b/index.js
index 733c83f..4cc53fc 100644
--- a/index.js
+++ b/index.js
@@ -17,7 +17,6 @@ const hash = require("pbkdf2-password")();
 const path = require("path");
 const session = require("express-session");
 const jwt = require("jsonwebtoken");
-const url = require("url");
 
 var app = (module.exports = express());
 
@@ -189,15 +188,11 @@ app.post("/login", function (req, res, next) {
 });
 
 app.get("/sso/metabase", restrict, (req, res) => {
-    res.redirect(
-        url.format({
-            pathname: `${METABASE_SITE_URL}/auth/sso`,
-            query: {
-                jwt: signUserToken(req.session.user),
-                return_to: `${req.query.return_to || "/"}?${mods}`,
-            },
-        })
-    );
+    const ssoUrl = new URL("/auth/sso", METABASE_SITE_URL);
+    ssoUrl.searchParams.set("jwt", signUserToken(req.session.user));
+    ssoUrl.searchParams.set("return_to", `${req.query.return_to ?? "/"}?${mods}`);
+  
+    res.redirect(ssoUrl);
 });
 
 const PORT = 8080;