From 049b914916dbfd23b3523cae05372af3ca07c56e Mon Sep 17 00:00:00 2001
From: DCCONSTRUCTIONS <dcconstructions@MacBook-Pro-DCCONSTRUCTIONS-2.local>
Date: Mon, 4 May 2026 23:23:40 +0300
Subject: [PATCH] =?UTF-8?q?=D0=A4=D0=A3=D0=9D=D0=9A=D0=A6=D0=98=D0=98=20-?=
 =?UTF-8?q?=20NODEDC=20LAUNCHER:=20sync=20logout=20across=20tabs?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server/dev-server.mjs             | 109 ++++++++++++++++++++++++++++++
 src/app/LauncherApp.tsx           |  18 ++++-
 src/shared/session/sessionSync.ts |  93 +++++++++++++++++++++++++
 3 files changed, 219 insertions(+), 1 deletion(-)
 create mode 100644 src/shared/session/sessionSync.ts

diff --git a/server/dev-server.mjs b/server/dev-server.mjs
index ae7a7ae..e549b39 100644
--- a/server/dev-server.mjs
+++ b/server/dev-server.mjs
@@ -145,6 +145,16 @@ app.get("/auth/logged-out", (req, res) => {
   res.redirect(buildLoginRedirectUrl(returnTo, { forceLogin: true }));
 });
 
+app.get("/auth/session-sync", (req, res) => {
+  const allowedOrigins = getSessionSyncAllowedOrigins();
+  setNoStore(res);
+  res.setHeader(
+    "Content-Security-Policy",
+    `default-src 'none'; script-src 'unsafe-inline'; style-src 'unsafe-inline'; frame-ancestors ${allowedOrigins.join(" ")}`
+  );
+  res.type("html").send(renderSessionSyncBridgePage(allowedOrigins));
+});
+
 app.get("/auth/logout", asyncRoute(async (req, res) => {
   const session = getCurrentSession(req);
   const returnTo = sanitizeReturnTo(req.query.returnTo);
@@ -954,6 +964,20 @@ function renderGlobalLogoutPage(frontchannelLogoutUrls, finalRedirectUrl) {
       <p>Закрываем сессии подключённых приложений и платформенный вход.</p>
     </main>
     <script>
+      const eventPayload = {
+        type: "nodedc:session:logout",
+        id: globalThis.crypto?.randomUUID ? globalThis.crypto.randomUUID() : String(Date.now()) + "-" + Math.random().toString(36).slice(2),
+        source: "launcher-global-logout",
+        createdAt: Date.now()
+      };
+      try {
+        const channel = new BroadcastChannel("nodedc-platform-session");
+        channel.postMessage(eventPayload);
+        channel.close();
+      } catch {}
+      try {
+        localStorage.setItem("nodedc:platform-session-event", JSON.stringify(eventPayload));
+      } catch {}
       const logoutUrls = ${logoutUrlsJson};
       const finalRedirectUrl = ${redirectUrlJson};
       for (const logoutUrl of logoutUrls) {
@@ -968,6 +992,91 @@ function renderGlobalLogoutPage(frontchannelLogoutUrls, finalRedirectUrl) {
 </html>`;
 }
 
+function renderSessionSyncBridgePage(allowedOrigins) {
+  const allowedOriginsJson = JSON.stringify(allowedOrigins);
+
+  return `<!doctype html>
+<html lang="ru">
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <title>NODE.DC session sync</title>
+  </head>
+  <body>
+    <script>
+      const allowedOrigins = new Set(${allowedOriginsJson});
+      const parentOrigin = (() => {
+        try {
+          return new URL(document.referrer).origin;
+        } catch {
+          return "";
+        }
+      })();
+      const channelName = "nodedc-platform-session";
+      const storageKey = "nodedc:platform-session-event";
+      let lastEventId = null;
+
+      function isAllowedOrigin(origin) {
+        return allowedOrigins.has(origin);
+      }
+
+      function isLogoutEvent(payload) {
+        return payload && payload.type === "nodedc:session:logout" && typeof payload.id === "string";
+      }
+
+      function forwardToParent(payload) {
+        if (!isLogoutEvent(payload) || payload.id === lastEventId || !isAllowedOrigin(parentOrigin)) return;
+        lastEventId = payload.id;
+        window.parent.postMessage(payload, parentOrigin);
+      }
+
+      function publish(payload) {
+        if (!isLogoutEvent(payload)) return;
+        try {
+          const channel = new BroadcastChannel(channelName);
+          channel.postMessage(payload);
+          channel.close();
+        } catch {}
+        try {
+          localStorage.setItem(storageKey, JSON.stringify(payload));
+        } catch {}
+      }
+
+      window.addEventListener("message", (event) => {
+        if (!isAllowedOrigin(event.origin) || !isLogoutEvent(event.data)) return;
+        publish(event.data);
+      });
+
+      try {
+        const channel = new BroadcastChannel(channelName);
+        channel.addEventListener("message", (event) => forwardToParent(event.data));
+      } catch {}
+
+      window.addEventListener("storage", (event) => {
+        if (event.key !== storageKey || !event.newValue) return;
+        try {
+          forwardToParent(JSON.parse(event.newValue));
+        } catch {}
+      });
+    </script>
+  </body>
+</html>`;
+}
+
+function getSessionSyncAllowedOrigins() {
+  const origins = new Set([new URL(config.appBaseUrl).origin]);
+
+  for (const logoutUrl of getFrontchannelLogoutUrls()) {
+    try {
+      origins.add(new URL(logoutUrl).origin);
+    } catch {
+      void 0;
+    }
+  }
+
+  return [...origins];
+}
+
 function readLauncherData() {
   const dataPath = join(projectRoot, "public", "storage", "launcher-data.json");
 
diff --git a/src/app/LauncherApp.tsx b/src/app/LauncherApp.tsx
index c69429f..8a88a64 100644
--- a/src/app/LauncherApp.tsx
+++ b/src/app/LauncherApp.tsx
@@ -42,6 +42,7 @@ import {
   type LauncherAuthApp,
 } from "../shared/api/authApi";
 import { updateOwnPassword, updateOwnProfile } from "../shared/api/profileApi";
+import { subscribeToNodeDCLogoutEvents } from "../shared/session/sessionSync";
 import { loadPersistedLauncherData } from "../shared/api/storageApi";
 import {
   AdminOverlay,
@@ -190,6 +191,17 @@ export function LauncherApp() {
     window.location.replace(buildLoginRedirectUrl(authSession.loginUrl));
   }, [authSession]);
 
+  useEffect(() => {
+    let isRedirecting = false;
+
+    return subscribeToNodeDCLogoutEvents(() => {
+      if (isRedirecting) return;
+
+      isRedirecting = true;
+      window.location.replace(buildLoginRedirectUrl("/auth/login?prompt=login"));
+    });
+  }, []);
+
   useEffect(() => {
     let isMounted = true;
 
@@ -511,6 +523,10 @@ export function LauncherApp() {
     return null;
   }
 
+  const handleLogout = () => {
+    window.location.replace(authSession.logoutUrl);
+  };
+
   return (
     <div className="launcher-app">
       <TopBar
@@ -525,7 +541,7 @@ export function LauncherApp() {
         onToggleAdmin={() => setAdminOpen((current) => !current)}
         onOpenShowcase={() => setAdminOpen(false)}
         onOpenProfileSettings={() => setProfileSettingsOpen(true)}
-        onLogout={() => window.location.replace(authSession.logoutUrl)}
+        onLogout={handleLogout}
       />
 
       <main className="launcher-main">
diff --git a/src/shared/session/sessionSync.ts b/src/shared/session/sessionSync.ts
new file mode 100644
index 0000000..73364f1
--- /dev/null
+++ b/src/shared/session/sessionSync.ts
@@ -0,0 +1,93 @@
+export const NODEDC_SESSION_EVENT_TYPE = "nodedc:session:logout";
+export const NODEDC_SESSION_CHANNEL_NAME = "nodedc-platform-session";
+export const NODEDC_SESSION_STORAGE_KEY = "nodedc:platform-session-event";
+
+export interface NodeDCSessionEvent {
+  type: typeof NODEDC_SESSION_EVENT_TYPE;
+  id: string;
+  source: string;
+  createdAt: number;
+}
+
+export function publishNodeDCLogoutEvent(source = "launcher") {
+  if (typeof window === "undefined") return;
+
+  const event: NodeDCSessionEvent = {
+    type: NODEDC_SESSION_EVENT_TYPE,
+    id: createEventId(),
+    source,
+    createdAt: Date.now(),
+  };
+
+  try {
+    const channel = new BroadcastChannel(NODEDC_SESSION_CHANNEL_NAME);
+    channel.postMessage(event);
+    channel.close();
+  } catch {
+    void 0;
+  }
+
+  try {
+    window.localStorage.setItem(NODEDC_SESSION_STORAGE_KEY, JSON.stringify(event));
+  } catch {
+    void 0;
+  }
+}
+
+export function subscribeToNodeDCLogoutEvents(onLogout: (event: NodeDCSessionEvent) => void) {
+  if (typeof window === "undefined") return () => undefined;
+
+  let lastEventId: string | null = null;
+  let channel: BroadcastChannel | null = null;
+
+  const handleEvent = (payload: unknown) => {
+    if (!isNodeDCSessionEvent(payload) || payload.id === lastEventId) return;
+
+    lastEventId = payload.id;
+    onLogout(payload);
+  };
+
+  try {
+    channel = new BroadcastChannel(NODEDC_SESSION_CHANNEL_NAME);
+    channel.addEventListener("message", (event) => handleEvent(event.data));
+  } catch {
+    channel = null;
+  }
+
+  const handleStorage = (event: StorageEvent) => {
+    if (event.key !== NODEDC_SESSION_STORAGE_KEY || !event.newValue) return;
+
+    try {
+      handleEvent(JSON.parse(event.newValue));
+    } catch {
+      void 0;
+    }
+  };
+
+  window.addEventListener("storage", handleStorage);
+
+  return () => {
+    channel?.close();
+    window.removeEventListener("storage", handleStorage);
+  };
+}
+
+function isNodeDCSessionEvent(value: unknown): value is NodeDCSessionEvent {
+  if (!value || typeof value !== "object") return false;
+
+  const event = value as Partial<NodeDCSessionEvent>;
+  return (
+    event.type === NODEDC_SESSION_EVENT_TYPE &&
+    typeof event.id === "string" &&
+    typeof event.source === "string" &&
+    typeof event.createdAt === "number"
+  );
+}
+
+function createEventId() {
+  try {
+    return crypto.randomUUID();
+  } catch {
+    return `${Date.now()}-${Math.random().toString(36).slice(2)}`;
+  }
+}