From cd829a3c9ac99384d3578b391a232ab74f403bc1 Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Mon, 15 Aug 2022 11:33:44 +0200
Subject: [PATCH 01/10] WIP: Update config

---
 server/config/settings/base.py    |  4 +++-
 server/vbv_lernwelt/sso/client.py | 11 ++++++-----
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/server/config/settings/base.py b/server/config/settings/base.py
index 86cc8254..c19d9792 100644
--- a/server/config/settings/base.py
+++ b/server/config/settings/base.py
@@ -525,12 +525,14 @@ OAUTH = {
     "access_token_url": env("IT_OAUTH_ACCESS_TOKEN_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/token"),
     "authorize_url": env("IT_OAUTH_AUTHORIZE_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/auth"),
     "authorize_params": IT_OAUTH_AUTHORIZE_PARAMS,
+    "access_token_params": IT_OAUTH_AUTHORIZE_PARAMS,
     "api_base_url": env("IT_OAUTH_API_BASE_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/"),
     "local_redirect_uri": env("IT_OAUTH_LOCAL_DIRECT_URI", default="http://localhost:8000/sso/callback/"),
+    "server_metadata_url": env("IT_OAUTH_SERVER_METADATA_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/.well-known/openid-configuration"),
     "client_kwargs": {
         'scope': env("IT_OAUTH_SCOPE", default=''),
         'token_endpoint_auth_method': 'client_secret_post',
-        'token_placement': 'header',
+        'token_placement': 'body',
     }
 }
 
diff --git a/server/vbv_lernwelt/sso/client.py b/server/vbv_lernwelt/sso/client.py
index 0170f2e3..71d1954a 100644
--- a/server/vbv_lernwelt/sso/client.py
+++ b/server/vbv_lernwelt/sso/client.py
@@ -20,10 +20,11 @@ oauth.register(
     client_secret=settings.OAUTH["client_secret"],
     request_token_url=None,
     request_token_params=None,
-    access_token_url=settings.OAUTH["access_token_url"],
-    access_token_params=None,
-    authorize_url=settings.OAUTH["authorize_url"],
+    # access_token_url=settings.OAUTH["access_token_url"],
+    access_token_params=settings.OAUTH["access_token_params"],
+    # authorize_url=settings.OAUTH["authorize_url"],
     authorize_params=settings.OAUTH["authorize_params"],
-    api_base_url=settings.OAUTH["api_base_url"],
-    client_kwargs=settings.OAUTH["client_kwargs"]
+    # api_base_url=settings.OAUTH["api_base_url"],
+    client_kwargs=settings.OAUTH["client_kwargs"],
+    server_metadata_url=settings.OAUTH["server_metadata_url"],
 )

From b06db37d0550a4c225d72dc6d00d80b5b7f2f85c Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Mon, 15 Aug 2022 11:42:34 +0200
Subject: [PATCH 02/10] WIP: Add test url

---
 server/config/settings/base.py   | 4 ++--
 server/vbv_lernwelt/sso/urls.py  | 1 +
 server/vbv_lernwelt/sso/views.py | 5 +++++
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/server/config/settings/base.py b/server/config/settings/base.py
index c19d9792..9efc8117 100644
--- a/server/config/settings/base.py
+++ b/server/config/settings/base.py
@@ -522,8 +522,8 @@ OAUTH = {
     "client_name": env("IT_OAUTH_CLIENT_NAME", default="lernetz"),
     "client_id": env("IT_OAUTH_CLIENT_ID", default="iterativ"),
     "client_secret": env("IT_OAUTH_CLIENT_SECRET", default=""),
-    "access_token_url": env("IT_OAUTH_ACCESS_TOKEN_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/token"),
-    "authorize_url": env("IT_OAUTH_AUTHORIZE_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/auth"),
+    # "access_token_url": env("IT_OAUTH_ACCESS_TOKEN_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/token"),
+    # "authorize_url": env("IT_OAUTH_AUTHORIZE_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/auth"),
     "authorize_params": IT_OAUTH_AUTHORIZE_PARAMS,
     "access_token_params": IT_OAUTH_AUTHORIZE_PARAMS,
     "api_base_url": env("IT_OAUTH_API_BASE_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/"),
diff --git a/server/vbv_lernwelt/sso/urls.py b/server/vbv_lernwelt/sso/urls.py
index 56785481..44f0d80e 100644
--- a/server/vbv_lernwelt/sso/urls.py
+++ b/server/vbv_lernwelt/sso/urls.py
@@ -7,4 +7,5 @@ app_name = 'sso'
 urlpatterns = [
     path(r'login/', django_view_authentication_exempt(views.login), name='login'),
     path(r'callback/', django_view_authentication_exempt(views.authorize), name='authorize'),
+    path(r'foo/', django_view_authentication_exempt(views.foo), name='foo'),
 ]
diff --git a/server/vbv_lernwelt/sso/views.py b/server/vbv_lernwelt/sso/views.py
index 96298586..b3cb51c0 100644
--- a/server/vbv_lernwelt/sso/views.py
+++ b/server/vbv_lernwelt/sso/views.py
@@ -2,6 +2,7 @@ import structlog as structlog
 from authlib.integrations.base_client import OAuthError
 from django.conf import settings
 from django.shortcuts import redirect
+from django.http import HttpResponse
 from sentry_sdk import capture_exception
 from django.contrib.auth import login as dj_login, get_user_model
 
@@ -40,6 +41,10 @@ def authorize(request):
     return redirect(f'/{OAUTH_SUCCESS_REDIRECT}?state=success')  # to be defined
 
 
+def foo(request):
+    return HttpResponse(settings.OAUTH["server_metadata_url"])
+
+
 def _user_data_from_token_data(token: dict) -> dict:
     return {
         "first_name": token.get("given_name", ""),

From 67b8aa9f8d215d2fe55bc91b9172c18119382dd2 Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Mon, 15 Aug 2022 13:02:52 +0200
Subject: [PATCH 03/10] Remove test data, read correct string

---
 server/vbv_lernwelt/sso/client.py | 4 ----
 server/vbv_lernwelt/sso/urls.py   | 1 -
 server/vbv_lernwelt/sso/views.py  | 8 ++------
 3 files changed, 2 insertions(+), 11 deletions(-)

diff --git a/server/vbv_lernwelt/sso/client.py b/server/vbv_lernwelt/sso/client.py
index 71d1954a..123c06ff 100644
--- a/server/vbv_lernwelt/sso/client.py
+++ b/server/vbv_lernwelt/sso/client.py
@@ -20,11 +20,7 @@ oauth.register(
     client_secret=settings.OAUTH["client_secret"],
     request_token_url=None,
     request_token_params=None,
-    # access_token_url=settings.OAUTH["access_token_url"],
-    access_token_params=settings.OAUTH["access_token_params"],
-    # authorize_url=settings.OAUTH["authorize_url"],
     authorize_params=settings.OAUTH["authorize_params"],
-    # api_base_url=settings.OAUTH["api_base_url"],
     client_kwargs=settings.OAUTH["client_kwargs"],
     server_metadata_url=settings.OAUTH["server_metadata_url"],
 )
diff --git a/server/vbv_lernwelt/sso/urls.py b/server/vbv_lernwelt/sso/urls.py
index 44f0d80e..56785481 100644
--- a/server/vbv_lernwelt/sso/urls.py
+++ b/server/vbv_lernwelt/sso/urls.py
@@ -7,5 +7,4 @@ app_name = 'sso'
 urlpatterns = [
     path(r'login/', django_view_authentication_exempt(views.login), name='login'),
     path(r'callback/', django_view_authentication_exempt(views.authorize), name='authorize'),
-    path(r'foo/', django_view_authentication_exempt(views.foo), name='foo'),
 ]
diff --git a/server/vbv_lernwelt/sso/views.py b/server/vbv_lernwelt/sso/views.py
index b3cb51c0..21edd544 100644
--- a/server/vbv_lernwelt/sso/views.py
+++ b/server/vbv_lernwelt/sso/views.py
@@ -25,7 +25,7 @@ def authorize(request):
     try:
         logger.debug(request)
         token = getattr(oauth, settings.OAUTH["client_name"]).authorize_access_token(request)
-        deocded_token = decode_jwt(token["access_token"])
+        deocded_token = decode_jwt(token["id_token"])
     except OAuthError as e:
         logger.error(f'OAuth error: {e}')
         if not settings.DEBUG:
@@ -41,14 +41,10 @@ def authorize(request):
     return redirect(f'/{OAUTH_SUCCESS_REDIRECT}?state=success')  # to be defined
 
 
-def foo(request):
-    return HttpResponse(settings.OAUTH["server_metadata_url"])
-
-
 def _user_data_from_token_data(token: dict) -> dict:
     return {
         "first_name": token.get("given_name", ""),
         "last_name": token.get("family_name", ""),
         "username": token.get("preferred_username", ""),
-        "email": token.get("email", ""),
+        "email": token.get("emails", [])[""],
     }

From 3280fc44fa6e3f85cf0bcc3cfa502d02b7de5402 Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Tue, 16 Aug 2022 08:00:05 +0200
Subject: [PATCH 04/10] Fix get email, remove versions from deploy script

---
 caprover_deploy.sh               | 5 ++---
 server/vbv_lernwelt/sso/views.py | 2 +-
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/caprover_deploy.sh b/caprover_deploy.sh
index 70a9ac69..dd6c138e 100755
--- a/caprover_deploy.sh
+++ b/caprover_deploy.sh
@@ -13,10 +13,9 @@ set -ev
 npm run build
 
 # create and push new docker container
-docker buildx build --platform=linux/amd64 -f compose/django/Dockerfile -t "$TAG" -t "$LATEST" --build-arg VERSION="$VERSION" --build-arg BUILD_TIMESTAMP="$BUILD_TIMESTAMP" .
+# docker buildx build --platform=linux/amd64 -f compose/django/Dockerfile -t "$TAG" -t "$LATEST" --build-arg VERSION="$VERSION" --build-arg BUILD_TIMESTAMP="$BUILD_TIMESTAMP" .
+docker buildx build --platform=linux/amd64 -f compose/django/Dockerfile .
 docker push iterativ/vbv-lernwelt-django
-docker push "$TAG"
-docker push "$LATEST"
 
 # deploy to caprover
 caprover deploy -h https://captain.control.iterativ.ch -a vbv-lernwelt -i docker.io/iterativ/vbv-lernwelt-django
diff --git a/server/vbv_lernwelt/sso/views.py b/server/vbv_lernwelt/sso/views.py
index 21edd544..b37b41c2 100644
--- a/server/vbv_lernwelt/sso/views.py
+++ b/server/vbv_lernwelt/sso/views.py
@@ -46,5 +46,5 @@ def _user_data_from_token_data(token: dict) -> dict:
         "first_name": token.get("given_name", ""),
         "last_name": token.get("family_name", ""),
         "username": token.get("preferred_username", ""),
-        "email": token.get("emails", [])[""],
+        "email": token.get("emails", [''])[0],
     }

From ec5b659ff083298bfea6b44b7751949f8574c7f0 Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Tue, 16 Aug 2022 15:43:30 +0200
Subject: [PATCH 05/10] Fix background scroll on modal

---
 .../src/components/ui/ItFullScreenModal.vue   | 22 ++++++++++++++++++-
 client/tailwind.css                           |  7 ++++++
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/client/src/components/ui/ItFullScreenModal.vue b/client/src/components/ui/ItFullScreenModal.vue
index 53ff4e5a..3aec3ba2 100644
--- a/client/src/components/ui/ItFullScreenModal.vue
+++ b/client/src/components/ui/ItFullScreenModal.vue
@@ -1,12 +1,32 @@
 <script setup lang="ts">
 // inspiration https://vuejs.org/examples/#modal
 
+import {onMounted, watch} from "vue";
+import {HTMLElement} from "happy-dom";
+
 const props = defineProps<{
   show: boolean
 }>()
 
 const emits = defineEmits(['closemodal'])
 
+let appElement: HTMLElement | null = null;
+
+watch(() => props.show,
+  (isShown) => isShown && appElement ? appElement.classList.add('no-scroll') : null
+)
+
+onMounted(() => {
+  appElement = document.getElementById('app');
+})
+
+const closeModal = () => {
+  if (appElement) {
+    appElement.classList.remove('no-scroll')
+  }
+  emits('closemodal')
+}
+
 </script>
 
 <template>
@@ -17,7 +37,7 @@ const emits = defineEmits(['closemodal'])
       <button
         type="button"
         class="w-8 h-8 absolute right-4 top-4 cursor-pointer"
-        @click="$emit('closemodal')"
+        @click="closeModal"
       >
         <it-icon-close></it-icon-close>
       </button>
diff --git a/client/tailwind.css b/client/tailwind.css
index a62e7281..d6ff3921 100644
--- a/client/tailwind.css
+++ b/client/tailwind.css
@@ -90,3 +90,10 @@ svg {
   }
 }
 
+@layer utilities {
+  .no-scroll {
+    height: 100vh;
+    overflow: hidden;
+  }
+}
+

From 66a41ff85b5e05b64b6cd37839dc01d28b022b37 Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Wed, 17 Aug 2022 09:22:22 +0200
Subject: [PATCH 06/10] Refactor active link function

---
 client/src/components/MainNavigationBar.vue | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/client/src/components/MainNavigationBar.vue b/client/src/components/MainNavigationBar.vue
index f3e7454a..ffa0ebd0 100644
--- a/client/src/components/MainNavigationBar.vue
+++ b/client/src/components/MainNavigationBar.vue
@@ -24,12 +24,12 @@ function toggleNav() {
   state.showMenu = !state.showMenu;
 }
 
-function menuActive(checkPath) {
-  return route.path.startsWith(checkPath);
+function isInRoutePath(checkPaths: string[]) {
+  return checkPaths.some((path) => route.path.startsWith(path))
 }
 
 function inLearningPath() {
-  return route.path.startsWith('/learningpath/') || route.path.startsWith('/circle/');
+  return isInRoutePath(['/learningpath/', '/circle/']);
 }
 
 function getLearningPathStringProp (prop: 'title' | 'slug'): string {
@@ -176,7 +176,7 @@ const profileDropdownData = [
               v-if="inLearningPath()"
               to="/learningpath/versicherungsvermittlerin"
               class="nav-item"
-              :class="{'nav-item--active': menuActive('/learningpath/')}"
+              :class="{'nav-item--active': inLearningPath()}"
             >
               Lernpfad
             </router-link>
@@ -185,7 +185,7 @@ const profileDropdownData = [
               v-if="inLearningPath()"
               to="/competences/"
               class="nav-item"
-              :class="{'nav-item--active': menuActive('/competences/')}"
+              :class="{'nav-item--active': isInRoutePath(['/competences/'])}"
             >
               Kompetenzprofil
             </router-link>
@@ -194,14 +194,14 @@ const profileDropdownData = [
             <router-link
               to="/shop"
               class="nav-item"
-              :class="{'nav-item--active': menuActive('/shop')}"
+              :class="{'nav-item--active': isInRoutePath(['/shop'])}"
             >
               Shop
             </router-link>
             <router-link
               to="/mediacenter"
               class="nav-item"
-              :class="{'nav-item--active': menuActive('/mediacenter')}"
+              :class="{'nav-item--active': isInRoutePath(['/mediacenter'])}"
             >
               Mediathek
             </router-link>

From df903f2663ced6d2b5d83ef615c6c9a3f8469171 Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Wed, 17 Aug 2022 15:59:01 +0200
Subject: [PATCH 07/10] Add back link, remove unused code, fix mobile menu
 margins

---
 client/src/components/MobileMenu.vue          | 30 +++++++++++--------
 .../src/components/ui/ItFullScreenModal.vue   |  2 +-
 client/src/views/CircleView.vue               | 10 ++++++-
 server/vbv_lernwelt/sso/client.py             | 11 -------
 4 files changed, 27 insertions(+), 26 deletions(-)

diff --git a/client/src/components/MobileMenu.vue b/client/src/components/MobileMenu.vue
index 93312cf1..210cff55 100644
--- a/client/src/components/MobileMenu.vue
+++ b/client/src/components/MobileMenu.vue
@@ -29,19 +29,23 @@ const clickLink = (to: string) => {
   >
   <div>
     <div>
-      <div class="flex border-b border-gray-500 -mx-8 px-8 pb-4">
-        <div v-if="user.avatar_url">
-          <img class="inline-block h-16 w-16 rounded-full"
-               :src="user.avatar_url"
-               alt=""/>
-        </div>
-        <div class="ml-6">
-          <h3>{{user.first_name}} {{user.last_name}}</h3>
-            <button
-              @click="clickLink('/profile')"
-              class="mt-2 inline-block items-center">
-              <IconSettings class="inline-block" /><span class="ml-3">Kontoeinstellungen</span>
-            </button>
+      <div class="border-b border-gray-500 -mx-4 px-8 pb-4">
+        <div class="-ml-4 flex">
+          <div
+            v-if="user.avatar_url"
+            >
+            <img class="inline-block h-16 w-16 rounded-full"
+                 :src="user.avatar_url"
+                 alt=""/>
+          </div>
+          <div class="ml-6">
+            <h3>{{user.first_name}} {{user.last_name}}</h3>
+              <button
+                @click="clickLink('/profile')"
+                class="mt-2 inline-block items-center">
+                <IconSettings class="inline-block" /><span class="ml-3">Kontoeinstellungen</span>
+              </button>
+          </div>
         </div>
       </div>
       <div>
diff --git a/client/src/components/ui/ItFullScreenModal.vue b/client/src/components/ui/ItFullScreenModal.vue
index 3aec3ba2..8bed583b 100644
--- a/client/src/components/ui/ItFullScreenModal.vue
+++ b/client/src/components/ui/ItFullScreenModal.vue
@@ -33,7 +33,7 @@ const closeModal = () => {
   <Transition mode="in-out">
     <div
       v-if="show"
-      class="circle-overview px-4 py-16 lg:px-16 lg:py-24 fixed top-0 overflow-y-scroll bg-white h-full w-full">
+      class="px-4 py-16 lg:px-16 lg:py-24 fixed top-0 overflow-y-scroll bg-white h-full w-full">
       <button
         type="button"
         class="w-8 h-8 absolute right-4 top-4 cursor-pointer"
diff --git a/client/src/views/CircleView.vue b/client/src/views/CircleView.vue
index 77498f2c..31f708e7 100644
--- a/client/src/views/CircleView.vue
+++ b/client/src/views/CircleView.vue
@@ -43,7 +43,15 @@ onMounted(async () => {
     <div v-else>
       <div class="circle">
         <div class="flex flex-col lg:flex-row">
-          <div class="flex-initial lg:w-128 px-4 py-4 lg:px-8 lg:py-8">
+          <div class="flex-initial lg:w-128 px-4 py-4 lg:px-8 lg:pt-4">
+            <router-link
+              to="/learningpath/versicherungsvermittlerin"
+              class="btn-text inline-flex items-center px-3 py-4 font-normal"
+            >
+              <it-icon-arrow-left class="-ml-1 mr-1 h-5 w-5"></it-icon-arrow-left>
+              <span class="hidden lg:inline">zurück zum Lernpfad</span>
+            </router-link>
+
             <h1 class="text-blue-dark text-7xl">
               {{ circleStore.circle?.title }}
             </h1>
diff --git a/server/vbv_lernwelt/sso/client.py b/server/vbv_lernwelt/sso/client.py
index 123c06ff..875bfec1 100644
--- a/server/vbv_lernwelt/sso/client.py
+++ b/server/vbv_lernwelt/sso/client.py
@@ -2,17 +2,6 @@ from authlib.integrations.django_client import OAuth
 from django.conf import settings
 
 # # https://docs.authlib.org/en/latest/client/frameworks.html#frameworks-clients
-# def fetch_token(_name, request):
-#     try:
-#         token = OAuth2Token.objects.get(
-#             user=request.user
-#         )
-#         return token.to_token()
-#     except (OAuth2Token.DoesNotExist, TypeError):
-#         return None
-
-
-# oauth = OAuth(fetch_token=fetch_token)
 oauth = OAuth()
 oauth.register(
     name=settings.OAUTH["client_name"],

From 95a0e0f1a788ca284e3a2357907905a9912c49cb Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Thu, 18 Aug 2022 09:13:29 +0200
Subject: [PATCH 08/10] Fix main navigation bar issues

---
 client/src/components/MainNavigationBar.vue | 3 ++-
 client/src/components/MobileMenu.vue        | 6 +++---
 client/src/views/CircleView.vue             | 2 +-
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/client/src/components/MainNavigationBar.vue b/client/src/components/MainNavigationBar.vue
index ffa0ebd0..d725dfd0 100644
--- a/client/src/components/MainNavigationBar.vue
+++ b/client/src/components/MainNavigationBar.vue
@@ -139,6 +139,7 @@ const profileDropdownData = [
 
             <div class="flex items-center lg:hidden">
               <router-link
+                v-if="userStore.loggedIn"
                 to="/messages"
                 class="nav-item flex flex-row items-center"
               >
@@ -164,7 +165,7 @@ const profileDropdownData = [
 
           <!-- Mobile Menu open: "block", Menu closed: "hidden" -->
           <div
-            v-if="appStore.userLoaded && appStore.routingFinished && userStore.loggedIn "
+            v-if="appStore.userLoaded && appStore.routingFinished && userStore.loggedIn"
             :class="state.showMenu ? 'flex' : 'hidden'"
             class="
               flex-auto
diff --git a/client/src/components/MobileMenu.vue b/client/src/components/MobileMenu.vue
index 210cff55..f8f21bb4 100644
--- a/client/src/components/MobileMenu.vue
+++ b/client/src/components/MobileMenu.vue
@@ -42,7 +42,7 @@ const clickLink = (to: string) => {
             <h3>{{user.first_name}} {{user.last_name}}</h3>
               <button
                 @click="clickLink('/profile')"
-                class="mt-2 inline-block items-center">
+                class="mt-2 inline-block flex items-center">
                 <IconSettings class="inline-block" /><span class="ml-3">Kontoeinstellungen</span>
               </button>
           </div>
@@ -54,7 +54,7 @@ const clickLink = (to: string) => {
           v-if="learningPathName">
           <h4 class="text-gray-900 text-sm">Kurs: {{learningPathName}}</h4>
           <ul class="mt-6">
-            <li><button @click="clickLink('/learningpath')">Lernpfad</button></li>
+            <li><button @click="clickLink(`/learningpath/${learningPathSlug}`)">Lernpfad</button></li>
             <li class="mt-6">Kompetenzprofil</li>
           </ul>
         </div>
@@ -64,7 +64,7 @@ const clickLink = (to: string) => {
             <li class="mt-6">Mediathek</li>
           </ul>
         </div>
-        <div class="mt-6 items-center">
+        <div class="mt-6 items-center flex">
           <IconLogout class="inline-block" /><span class="ml-1">Abmelden</span>
         </div>
       </div>
diff --git a/client/src/views/CircleView.vue b/client/src/views/CircleView.vue
index 31f708e7..5c924b4d 100644
--- a/client/src/views/CircleView.vue
+++ b/client/src/views/CircleView.vue
@@ -49,7 +49,7 @@ onMounted(async () => {
               class="btn-text inline-flex items-center px-3 py-4 font-normal"
             >
               <it-icon-arrow-left class="-ml-1 mr-1 h-5 w-5"></it-icon-arrow-left>
-              <span class="hidden lg:inline">zurück zum Lernpfad</span>
+              <span class="inline">zurück zum Lernpfad</span>
             </router-link>
 
             <h1 class="text-blue-dark text-7xl">

From 6ec987110a469ed16a8e2df4aa300873069d1184 Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Thu, 18 Aug 2022 09:21:22 +0200
Subject: [PATCH 09/10] Add sso login link

---
 client/src/views/LoginView.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/client/src/views/LoginView.vue b/client/src/views/LoginView.vue
index 137ee027..9f38b1a8 100644
--- a/client/src/views/LoginView.vue
+++ b/client/src/views/LoginView.vue
@@ -54,7 +54,7 @@ const userStore = useUserStore();
         />
       </div>
     </form>
-
+    <p class="pt-8"><a href="/sso/login/">Login mit SSO</a></p>
   </main>
 </template>
 

From 38d5fc3369971e014587a76e4df761021a78680b Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Thu, 18 Aug 2022 11:09:38 +0200
Subject: [PATCH 10/10] Add logout

---
 client/src/components/MainNavigationBar.vue |  8 ++++++--
 client/src/components/MobileMenu.vue        | 20 +++++++++++++-------
 client/src/stores/user.ts                   | 17 +++++++++++++----
 server/config/urls.py                       |  3 ++-
 server/vbv_lernwelt/core/views.py           |  8 +++++++-
 5 files changed, 41 insertions(+), 15 deletions(-)

diff --git a/client/src/components/MainNavigationBar.vue b/client/src/components/MainNavigationBar.vue
index d725dfd0..ec3a2f6b 100644
--- a/client/src/components/MainNavigationBar.vue
+++ b/client/src/components/MainNavigationBar.vue
@@ -58,13 +58,17 @@ function handleDropdownSelect(data) {
       router.push('/profile')
       break
     case 'logout':
-      router.push('/logout')
+      userStore.handleLogout();
       break
     default:
       console.log('no action')
   }
 }
 
+function logout () {
+  userStore.handleLogout();
+}
+
 onMounted(() => {
   log.debug('MainNavigationBar mounted');
 })
@@ -96,7 +100,7 @@ const profileDropdownData = [
   <div>
     <Teleport to="body">
       <MobileMenu
-        :user="userStore"
+        :user-store="userStore"
         :show="state.showMenu"
         :learning-path-slug="learninPathSlug()"
         :learning-path-name="learningPathName()"
diff --git a/client/src/components/MobileMenu.vue b/client/src/components/MobileMenu.vue
index f8f21bb4..2d33dbf5 100644
--- a/client/src/components/MobileMenu.vue
+++ b/client/src/components/MobileMenu.vue
@@ -8,7 +8,7 @@ const router = useRouter()
 
 const props = defineProps<{
   show: boolean,
-  user: object,
+  userStore: object,
   learningPathName: string,
   learningPathSlug: string
 }>()
@@ -29,17 +29,19 @@ const clickLink = (to: string) => {
   >
   <div>
     <div>
-      <div class="border-b border-gray-500 -mx-4 px-8 pb-4">
+      <div
+        v-if="userStore.loggedIn"
+        class="border-b border-gray-500 -mx-4 px-8 pb-4">
         <div class="-ml-4 flex">
           <div
-            v-if="user.avatar_url"
+            v-if="userStore.avatar_url"
             >
             <img class="inline-block h-16 w-16 rounded-full"
-                 :src="user.avatar_url"
+                 :src="userStore.avatar_url"
                  alt=""/>
           </div>
           <div class="ml-6">
-            <h3>{{user.first_name}} {{user.last_name}}</h3>
+            <h3>{{userStore.first_name}} {{userStore.last_name}}</h3>
               <button
                 @click="clickLink('/profile')"
                 class="mt-2 inline-block flex items-center">
@@ -64,9 +66,13 @@ const clickLink = (to: string) => {
             <li class="mt-6">Mediathek</li>
           </ul>
         </div>
-        <div class="mt-6 items-center flex">
+        <button
+          v-if="userStore.loggedIn"
+          type="button"
+          @click="userStore.handleLogout()"
+          class="mt-6 items-center flex">
           <IconLogout class="inline-block" /><span class="ml-1">Abmelden</span>
-        </div>
+        </button>
       </div>
     </div>
   </div>
diff --git a/client/src/stores/user.ts b/client/src/stores/user.ts
index c756a08a..8097dba7 100644
--- a/client/src/stores/user.ts
+++ b/client/src/stores/user.ts
@@ -14,16 +14,18 @@ export type UserState = {
   loggedIn: boolean;
 }
 
-export const useUserStore = defineStore({
-  id: 'user',
-  state: () => ({
+const initialUserState: UserState = {
     email: '',
     first_name: '',
     last_name: '',
     username: '',
     avatar_url: '',
     loggedIn: false
-  } as UserState),
+  }
+
+export const useUserStore = defineStore({
+  id: 'user',
+  state: () => (initialUserState as UserState),
   getters: {
     getFullName(): string {
       return `${this.first_name} ${this.last_name}`.trim();
@@ -46,6 +48,13 @@ export const useUserStore = defineStore({
         });
       }
     },
+    handleLogout() {
+     itPost('/core/logout/', {})
+       .then(data => {
+         Object.assign(this, initialUserState);
+         window.location.href = '/';
+       })
+    },
     fetchUser() {
       const appStore = useAppStore();
       itGet('/api/core/me/').then((data) => {
diff --git a/server/config/urls.py b/server/config/urls.py
index f99b3bdb..d5aeada9 100644
--- a/server/config/urls.py
+++ b/server/config/urls.py
@@ -16,7 +16,7 @@ from vbv_lernwelt.core.middleware.auth import django_view_authentication_exempt
 from vbv_lernwelt.core.views import (
     rate_limit_exceeded_view,
     permission_denied_view,
-    check_rate_limit, cypress_reset_view, vue_home, vue_login, me_user_view, )
+    check_rate_limit, cypress_reset_view, vue_home, vue_login, me_user_view, vue_logout, )
 from .wagtail_api import wagtail_api_router
 
 
@@ -42,6 +42,7 @@ urlpatterns = [
     path('learnpath/', include("vbv_lernwelt.learnpath.urls")),
     path('api/completion/', include("vbv_lernwelt.completion.urls")),
     re_path(r'api/core/me/$', me_user_view, name='me_user_view'),
+    re_path(r'core/logout/$', vue_logout, name='vue_logout'),
 ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 if settings.DEBUG:
     # Static file serving when using Gunicorn + Uvicorn for local web socket development
diff --git a/server/vbv_lernwelt/core/views.py b/server/vbv_lernwelt/core/views.py
index 36c3a3b9..4e035fd5 100644
--- a/server/vbv_lernwelt/core/views.py
+++ b/server/vbv_lernwelt/core/views.py
@@ -3,7 +3,7 @@
 import requests
 import structlog
 from django.conf import settings
-from django.contrib.auth import authenticate, login
+from django.contrib.auth import authenticate, login, logout
 from django.core.management import call_command
 from django.http import JsonResponse, HttpResponse, HttpResponseRedirect
 from django.shortcuts import render
@@ -69,6 +69,12 @@ def me_user_view(request):
     return Response(status=403)
 
 
+@api_view(['POST'])
+def vue_logout(request):
+    logout(request)
+    return Response({'success': True}, 200)
+
+
 def permission_denied_view(request, exception):
     return render(request, "403.html", status=403)