From 2bc7629cca1572c15543ec0b0d7694e3a3b19e1b Mon Sep 17 00:00:00 2001 From: Max Peintner Date: Mon, 9 Dec 2024 10:48:50 +0100 Subject: [PATCH] document, session item --- apps/login/src/app/login/route.ts | 10 +++++++++- apps/login/src/components/session-item.tsx | 12 +++++++----- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/apps/login/src/app/login/route.ts b/apps/login/src/app/login/route.ts index ae23dea679..40200ef39f 100644 --- a/apps/login/src/app/login/route.ts +++ b/apps/login/src/app/login/route.ts @@ -269,6 +269,10 @@ export async function GET(request: NextRequest) { if (authRequest.prompt.includes(Prompt.SELECT_ACCOUNT)) { return gotoAccounts(); } else if (authRequest.prompt.includes(Prompt.LOGIN)) { + /** + * The login prompt instructs the authentication server to prompt the user for re-authentication, regardless of whether the user is already authenticated + */ + // if a hint is provided, skip loginname page and jump to the next page if (authRequest.loginHint) { try { @@ -299,7 +303,11 @@ export async function GET(request: NextRequest) { } return NextResponse.redirect(loginNameUrl); } else if (authRequest.prompt.includes(Prompt.NONE)) { - // NONE prompt - silent authentication + /** + * With an OIDC none prompt, the authentication server must not display any authentication or consent user interface pages. + * This means that the user should not be prompted to enter their password again. + * Instead, the server attempts to silently authenticate the user using an existing session or other authentication mechanisms that do not require user interaction + **/ const selectedSession = findValidSession(sessions, authRequest); if (!selectedSession || !selectedSession.id) { diff --git a/apps/login/src/components/session-item.tsx b/apps/login/src/components/session-item.tsx index 1845ea63bc..7cd5e9a7f9 100644 --- a/apps/login/src/components/session-item.tsx +++ b/apps/login/src/components/session-item.tsx 
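Review bot: The new block comment in the `Prompt.LOGIN` branch states the re-authentication requirement but sits directly above the `loginHint` shortcut without saying how the two interact. Since prompt=login lets a client demand a fresh credential check, the comment should say that the hint only preselects the user and that an existing session never satisfies the request, e.g. `// prompt=login: always re-authenticate, even with a valid session; loginHint only preselects the user`. The body of the `try` block lies outside the hunk, so this behaviour cannot be confirmed here and should be checked before the wording is adopted. A plain `//` comment would also match the neighbouring `// if a hint is provided` line better than a detached `/** */` block followed by a blank line.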
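Review bot: The comment on the `Prompt.NONE` branch documents only the success path. It does not say what happens when `findValidSession` finds nothing, which is the case the `if (!selectedSession || !selectedSession.id)` check right below it handles. For prompt=none, OIDC expects an error such as `login_required` or `interaction_required` to go back to the client instead of any login page, and that is the security-relevant half of the contract. I would add a line like `* If no valid session exists, return an error to the client (e.g. login_required); never fall back to an interactive page.`, after confirming it against the body of that `if`, which is outside the hunk. The wording "should not be prompted" also understates a must-not, and the closing `**/` differs from the `*/` used in the first hunk.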
@@ -114,11 +114,13 @@ export function SessionItem({ {verifiedAt && moment(timestampDate(verifiedAt)).fromNow()} ) : ( - - expired{" "} - {session.expirationDate && - moment(timestampDate(session.expirationDate)).fromNow()} - + verifiedAt && ( + + expired{" "} + {session.expirationDate && + moment(timestampDate(session.expirationDate)).fromNow()} + + ) )}
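Review bot: A session that lands in the else arm of this ternary without a `verifiedAt` now renders no status text at all, because the whole "expired" label sits behind the new `verifiedAt && (...)` guard. If that state is reachable, the account list gives the user nothing to tell such an entry apart from a usable session, so an explicit fallback label (for instance "not verified") would be clearer than an empty cell. The ternary's condition starts above the hunk, so it is also worth confirming that every session reaching this arm is really expired. The label is printed whenever `verifiedAt` is set, while only the relative time depends on `session.expirationDate`.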