Skip to content
Permalink
Browse files

Item11904: Split out logout code from LoginManager

git-svn-id: http://svn.foswiki.org/trunk@14924 0b4bb1d4-4e5a-0410-9cc4-b2b747904278
  • Loading branch information...
ArthurClemens ArthurClemens
ArthurClemens authored and ArthurClemens committed May 29, 2012
1 parent 4b9e536 commit d7c38f78cc205376d30093d6295560da829ff9b5
Showing with 45 additions and 29 deletions.
  1. +45 −29 core/lib/Foswiki/LoginManager.pm
@@ -454,34 +454,7 @@ sub loadSession {
$authUser = $sudoUser;
}
else {
_trace( $this, "User is logging out" );
$session->logEvent( 'logout', ' ',
"AUTHENTICATION LOGOUT - $authUser - " );

#TODO: consider if we should risk passing on the urlparams on logout
my $path_info = $session->{request}->path_info();
if ( my $topic = $session->{request}->param('topic') )
{ #we should at least respect the ?topic= request
my $topicRequest = Foswiki::Sandbox::untaintUnchecked(
$session->{request}->param('topic') );
my ( $web, $topic ) =
$this->{session}
->normalizeWebTopicName( undef, $topicRequest );
$path_info = '/' . $web . '/' . $topic;
}

my $redirectUrl;
if ($path_info) {
$redirectUrl = $session->{request}->url() . $path_info;
}
else {
$redirectUrl = $session->{request}->referer();
}

#lets avoid infinite loops
$session->{request}->delete('logout');
$authUser = $defaultUser;
$session->redirect( $redirectUrl, 0 );
$authUser = $this->_logout( $authUser, $defaultUser );
}
}
$session->{request}->delete('logout');
@@ -513,6 +486,49 @@ sub loadSession {

=begin TML
---++ ObjectMethod _logout($defaultUser)
=cut

sub _logout {
my ( $this, $authUser, $defaultUser ) = @_;
_trace( $this, "User is logging out" );

my $session = $this->{session};
$defaultUser = $Foswiki::cfg{DefaultUserLogin}
unless ( defined($defaultUser) );

$session->logEvent( 'logout', ' ', "AUTHENTICATION LOGOUT - $authUser - " );

#TODO: consider if we should risk passing on the urlparams on logout
my $path_info = $session->{request}->path_info();
if ( my $topic = $session->{request}->param('topic') )
{ #we should at least respect the ?topic= request
my $topicRequest = Foswiki::Sandbox::untaintUnchecked(
$session->{request}->param('topic') );
my ( $web, $topic ) =
$this->{session}->normalizeWebTopicName( undef, $topicRequest );
$path_info = '/' . $web . '/' . $topic;
}

my $redirectUrl;
if ($path_info) {
$redirectUrl = $session->{request}->url() . $path_info;
}
else {
$redirectUrl = $session->{request}->referer();
}

#lets avoid infinite loops
$session->{request}->delete('logout');
$authUser = $defaultUser;
$session->redirect( $redirectUrl, 0 );

return $authUser;
}

=begin TML
---++ ObjectMethod checkAccess()
Check if the script being run in this session is authorised for execution.
@@ -1264,7 +1280,7 @@ sub _skinSelect {
__END__
Foswiki - The Free and Open Source Wiki, http://foswiki.org/
Copyright (C) 2008-2010 Foswiki Contributors. Foswiki Contributors
Copyright (C) 2008-2012 Foswiki Contributors. Foswiki Contributors
are listed in the AUTHORS file in the root of this distribution.
NOTE: Please extend that file, not this notice.

0 comments on commit d7c38f7

Please sign in to comment.
You can’t perform that action at this time.