Permalink
Browse files

Make 'logout' forget remember token

  • Loading branch information...
1 parent 8766570 commit bbcb9f96d8e8d85fb4f693b745a22cae611b1fde @ozataman ozataman committed Sep 29, 2011
Showing with 6 additions and 0 deletions.
  1. +6 −0 src/Snap/Snaplet/Auth.hs
View
@@ -135,6 +135,8 @@ logout :: Handler b (AuthManager b) ()
logout = do
s <- getsSnapletState session
withTop s $ withSession s removeSessionUserId
+ AuthManager _ _ _ _ rc _ _ _ <- getSnapletState
+ forgetRememberToken rc
modifySnapletState (\mgr -> mgr { activeUser = Nothing } )
@@ -297,9 +299,13 @@ forceLogin u = do
getRememberToken sk rc rp = getSecureCookie rc sk rp
+
setRememberToken sk rc rp token = setSecureCookie rc sk rp token
+forgetRememberToken rc = expireCookie rc (Just "/")
+
+
------------------------------------------------------------------------------
-- | Set the current user's 'UserId' in the active session
setSessionUserId :: UserId -> Handler b SessionManager ()

0 comments on commit bbcb9f9

Please sign in to comment.