@@ -42,4 +42,9 @@ class SessionsController < ApplicationController authentication_failed('There was a problem trying to authenticate you. Please try again.') and return end end + + def destroy + logout_keeping_session! + redirect_back_or_default('/') + end end app/controllers/sessions_controller.rb @@ -1,5 +1,6 @@ ActionController::Routing::Routes.draw do |map| map.login '/login', :controller => 'sessions', :action => 'new' + map.logout '/logout', :controller => 'sessions', :action => 'destroy' map.resource :session map.oauth_callback '/oauth_callback', :controller => 'sessions', :action => 'oauth_callback' end config/routes.rb @@ -48,6 +48,11 @@ module TwitterAuth def logged_in? !!current_user end + + def logout_keeping_session! + @current_user = nil + session[:user_id] = nil + end end end lib/twitter_auth/controller_extensions.rb @@ -30,10 +30,15 @@ class TwitterAuthTestController < ApplicationController def redirect_back_action redirect_back_or_default(params[:to] || '/') end + + def logout_keeping_session_action + logout_keeping_session! + redirect_back_or_default('/') + end end describe TwitterAuthTestController do - %w(authentication_failed authentication_succeeded current_user authorized? login_required access_denied store_location redirect_back_or_default).each do |m| + %w(authentication_failed authentication_succeeded current_user authorized? login_required access_denied store_location redirect_back_or_default logout_keeping_session!).each do |m| it "should respond to the extension method '#{m}'" do controller.should respond_to(m) end @@ -120,4 +125,22 @@ describe TwitterAuthTestController do should redirect_to('/someurl') end end + + describe 'logout_keeping_session!' do + before do + @user = Factory.create(:twitter_oauth_user) + request.session[:user_id] = @user.id + end + + it 'should unset session[:user_id]' do + get :logout_keeping_session_action + request.session[:user_id].should be_nil + end + + it 'should unset current_user' do + controller.send(:current_user).should == @user + get :logout_keeping_session_action + controller.send(:current_user).should be_nil + end + end end spec/controllers/controller_extensions_spec.rb @@ -10,6 +10,14 @@ describe SessionsController do params_from(:get, '/login').should == {:controller => 'sessions', :action => 'new'} end + it 'should route /logout to SessionsController#destroy' do + params_from(:get, '/logout').should == {:controller => 'sessions', :action => 'destroy'} + end + + it 'should route DELETE /session to SessionsController#destroy' do + params_from(:delete, '/session').should == {:controller => 'sessions', :action => 'destroy'} + end + it 'should route /oauth_callback to SessionsController#oauth_callback' do params_from(:get, '/oauth_callback').should == {:controller => 'sessions', :action => 'oauth_callback'} end @@ -129,4 +137,16 @@ describe SessionsController do end end end + + describe '#destroy' do + it 'should call logout_keeping_session!' do + controller.should_receive(:logout_keeping_session!).once + get :destroy + end + + it 'should redirect to the root' do + get :destroy + response.should redirect_to('/') + end + end end spec/controllers/sessions_controller_spec.rb 0c8c8fe2492983f79e111d4f4c4560983e265afc Michael Bleigh michael@intridea.com http://github.com/mbleigh/twitter-auth/commit/6fbda99c68d939fc8e0b93d9e35efe7c5e7c99af 6fbda99c68d939fc8e0b93d9e35efe7c5e7c99af 2009-03-18T16:27:34-07:00 2009-03-18T16:27:34-07:00 Added logout, meaning that the full authentication process now works with OAuth. fb10cbd10f5bfa7abae7e64c1c80b157228538ff Michael Bleigh michael@intridea.com