diff --git a/package-lock.json b/package-lock.json
index 39b2f381..0a80fd01 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -13,7 +13,7 @@ "@aws-sdk/lib-dynamodb": "^3.585.0", "@co-digital/api-sdk": "^1.0.6", "@co-digital/logging": "^1.0.1", - "@co-digital/login": "^1.0.3", + "@co-digital/login": "^1.0.4", "cookie-parser": "^1.4.6", "cookie-session": "^2.1.0", "cors": "^2.8.5",
@@ -1422,9 +1422,9 @@ } }, "node_modules/@co-digital/login": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/@co-digital/login/-/login-1.0.3.tgz", - "integrity": "sha512-B8TPdsXg/UcQ27FBUFgPW8wrDq04qHBH56GdHOWhXnVA5PT46wUpGQ1yLVLMFg+88txdDmAGb0HViTYkqiv/tw==", + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@co-digital/login/-/login-1.0.4.tgz", + "integrity": "sha512-w57cntkUq5BxcPfVWY5gOuYa+s+2Qy+crUMhTQaxL9oIiAOKnZdoIMkPXtLAy8JYs8KV90eFrTWQvIAWg1Kpfw==", "dependencies": { "@co-digital/logging": "^1.0.2", "cookie-parser": "^1.4.6",
diff --git a/package.json b/package.json
index 0976b0dd..b13b33e9 100644
--- a/package.json
+++ b/package.json
@@ -46,7 +46,7 @@
 "@aws-sdk/lib-dynamodb": "^3.585.0",
 "@co-digital/api-sdk": "^1.0.6",
 "@co-digital/logging": "^1.0.1",
- "@co-digital/login": "^1.0.3",
+ "@co-digital/login": "^1.0.4",
 "cookie-parser": "^1.4.6",
 "cookie-session": "^2.1.0",
 "cors": "^2.8.5",
diff --git a/src/config/helmet.ts b/src/config/helmet.ts
index 562f9a82..8754fa69 100644
--- a/src/config/helmet.ts
+++ b/src/config/helmet.ts
@@ -13,7 +13,7 @@ export const configureHelmet = (app: express.Application) => {
 directives: {
 defaultSrc: ["'self'"],
 fontSrc: ["'self'", config.CDN_HOST],
- styleSrc: ["'self'", config.CDN_HOST],
+ styleSrc: ["'self'", "'unsafe-hashes'", "'sha256-6FWIojjtZwiNizws7ImlHjGH3DA5yMh5x4c+/4UVpXk='", config.CDN_HOST],
 scriptSrc: [
 "'self'",
 "'sha256-l1eTVSK8DTnK8+yloud7wZUqFrI0atVo6VlC6PJvYaQ='",
diff --git a/src/views/include/sign-out.html b/src/views/include/sign-out.html
new file mode 100644
index 00000000..f155a2da
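Review bot: In the `src/config/helmet.ts` hunk, the new `styleSrc` line adds `'unsafe-hashes'` and a bare SHA-256 value with nothing recording which inline style it authorises, so a later reviewer cannot tell whether the exception is still needed or whether the hash still matches the markup. `'unsafe-hashes'` lets any element on any page carry a `style` attribute with exactly that content, and this policy is set once for the whole app, so the exception is wider than the single template that presumably needs it (the new sign-out include or the bumped `@co-digital/login` views, neither readable from this hunk). The tighter option is to move that inline style into a class in a stylesheet served from `'self'` or `config.CDN_HOST` and drop both new tokens. If it has to stay, add a comment above the line such as `// 'unsafe-hashes' + hash: permits only style="<exact attribute value>" in <template path>; recompute the hash whenever that attribute changes`. `configureHelmet` starts and ends outside this hunk, so the rest of the policy could not be checked.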
--- /dev/null
+++ b/src/views/include/sign-out.html
@@ -0,0 +1,10 @@
+{% if userEmailAuth or userEmail %}
+
+ {{ userEmailAuth | default(userEmail) }} | + Sign out +
+