new set and unset session

hivesolutions · Jan 13, 2016 · d5c4128 · d5c4128
1 parent 886e553
commit d5c4128
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 15 deletions.
diff --git a/src/appier_extras/parts/admin/models/account.py b/src/appier_extras/parts/admin/models/account.py
@@ -308,6 +308,23 @@ def unpack(cls, password):
     def is_encrypted(cls, password):
         return password.count(":") > 0
 
+    @classmethod
+    def _unset_session(cls):
+        session = appier.get_session()
+        if "username" in session: del session["username"]
+        if "name" in session: del session["name"]
+        if "email" in session: del session["email"]
+        if "type" in session: del session["type"]
+        if "tokens" in session: del session["tokens"]
+        if "params" in session: del session["params"]
+        if "fb.access_token" in session: del session["fb.access_token"]
+        if "tw.oauth_token" in session: del session["tw.oauth_token"]
+        if "tw.oauth_token_secret" in session: del session["tw.oauth_token_secret"]
+        if "tw.oauth_temporary" in session: del session["tw.oauth_temporary"]
+        if "gg.access_token" in session: del session["gg.access_token"]
+        if "gh.access_token" in session: del session["gh.access_token"]
+        if "live.access_token" in session: del session["live.access_token"]
+
     def pre_save(self):
         base.Base.pre_save(self)
         if hasattr(self, "password"): self.password = self.encrypt(self.password)

diff --git a/src/appier_extras/parts/admin/part.py b/src/appier_extras/parts/admin/part.py
@@ -220,17 +220,7 @@ def logout(self):
         # verifies the existence of the various account related session
         # attributes and in case they exist removes them from session as
         # the user is currently logging out from session
-        if "username" in self.session: del self.session["username"]
-        if "email" in self.session: del self.session["email"]
-        if "type" in self.session: del self.session["type"]
-        if "tokens" in self.session: del self.session["tokens"]
-        if "fb.access_token" in self.session: del self.session["fb.access_token"]
-        if "tw.oauth_token" in self.session: del self.session["tw.oauth_token"]
-        if "tw.oauth_token_secret" in self.session: del self.session["tw.oauth_token_secret"]
-        if "tw.oauth_temporary" in self.session: del self.session["tw.oauth_temporary"]
-        if "gg.access_token" in self.session: del self.session["gg.access_token"]
-        if "gh.access_token" in self.session: del self.session["gh.access_token"]
-        if "live.access_token" in self.session: del self.session["live.access_token"]
+        models.Account._unset_session()
 
         # runs the proper redirect operation, taking into account if the
         # next value has been provided or not
@@ -945,10 +935,7 @@ def login_api(self):
 
         # updates the current session with the proper
         # values to correctly authenticate the user
-        self.session["username"] = account.username
-        self.session["email"] = account.email
-        self.session["type"] = account.type_s()
-        self.session["tokens"] = account.tokens()
+        account._set_session()
 
         # retrieves the session identifier (sid) for the currently
         # assigned session, this is going to be used in the next