0001-Handle-logout-by-redirection-from-plugins.patch

Mikaël Ates, 19 janvier 2016 16:32


Subject: [PATCH] Handle logout by redirection from plugins.

    A new plugin method called redirect_logout_list is used to collect
    urls of logout endpoints.

    The local logout is done before processing redirections. URLs are collected
    while the user is still logged in and put in the session after the user is logged out.
 src/authentic2/views.py | 67 +++++++++++++++++++++++++++++++++----------------
 1 file changed, 45 insertions(+), 22 deletions(-)
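--- a/src/authentic2/views.py
+++ b/src/authentic2/views.py
@@ -424,6 +424,10 @@
     '''Return logout links from idp backends'''
     return utils.accumulate_from_backends(request, 'logout_list')
 
+def redirect_logout_list(request):
+    '''Return redirect logout links from idp backends'''
+    return utils.accumulate_from_backends(request, 'redirect_logout_list')
+
 def logout(request, next_url=None, default_next_url='auth_homepage',
         redirect_field_name=REDIRECT_FIELD_NAME,
         template='authentic2/logout.html', do_local=True, check_referer=True):
@@ -441,31 +445,50 @@
     ctx = {}
     ctx['next_url'] = next_url
     ctx['redir_timeout'] = 60
-    # Shortcut !
-    if not request.user.is_authenticated():
-        return utils.redirect(request, next_url)
-    if check_referer and not utils.check_referer(request):
-        return render(request, 'authentic2/logout_confirm.html', ctx)
-    do_local = do_local and 'local' in request.REQUEST
-    if not do_local:
-        l = logout_list(request)
-        if l:
-            # Full logout
-            next_url = utils.make_url('auth_logout', params={
-                'local': 'ok',
-                REDIRECT_FIELD_NAME: next_url})
-            ctx['next_url'] = next_url
-            ctx['logout_list'] = l
-            ctx['message'] = _('Logging out from all your services')
-            return render(request, template, ctx)
-    # Local logout
-    logger.info('logged out')
-    auth_logout(request)
-    messages.info(request, _('You have been logged out'))
+    local_logout_done = False
+    if request.user.is_authenticated():
+        if check_referer and not utils.check_referer(request):
+            return render(request, 'authentic2/logout_confirm.html', ctx)
+        do_local = do_local and 'local' in request.REQUEST
+        if not do_local:
+            l = logout_list(request)
+            if l:
+                # Full logout with iframes
+                next_url = utils.make_url('auth_logout', params={
+                    'local': 'ok',
+                    REDIRECT_FIELD_NAME: next_url})
+                ctx['next_url'] = next_url
+                ctx['logout_list'] = l
+                ctx['message'] = _('Logging out from all your services')
+                return render(request, template, ctx)
+        # Get redirection targets for full logout with redirections
+        # (needed before local logout)
+        targets = redirect_logout_list(request)
+        logger.debug('Accumulated redirections : {}'.format(targets))
+        # Local logout
+        auth_logout(request)
+        logger.info('Logged out')
+        local_logout_done = True
+        # Last redirection will be the current next_url
+        targets.append(next_url)
+        # Put redirection targets in session (after local logout)
+        request.session['logout_redirections'] = targets
+        logger.debug('All planned redirections : {}'.format(targets))
+    # Full logout by redirections if any
+    targets = request.session.pop('logout_redirections', None)
+    if targets:
+        # Full logout with redirections
+        logger.debug('Redirections queue: {}'.format(targets))
+        next_url = targets.pop(0)
+        request.session['logout_redirections'] = targets
+    logger.debug('Next redirection : {}'.format(next_url))
     response = utils.redirect(request, next_url)
-    response.set_cookie('a2_just_logged_out', 1, max_age=60)
+    if local_logout_done:
+        response.set_cookie('a2_just_logged_out', 1, max_age=60)
+        messages.info(request, _('You have been logged out'))
     return response
 
+
 def login_password_profile(request, *args, **kwargs):
     context_instance = kwargs.pop('context_instance', None) or RequestContext(request)
     can_change_password = (app_settings.A2_REGISTRATION_CAN_CHANGE_PASSWORD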
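Review bot: The redirection queue in `logout` is stored in the session and replayed through `utils.redirect(request, next_url)` with no check at the point of use, and `next_url` is appended to it unchanged by `targets.append(next_url)`. The start of the function is elided from this hunk, so whether `next_url` is validated is not visible; please confirm that it and every URL returned by the `redirect_logout_list` plugins are limited to expected logout endpoints. The queue also has no expiry: if a remote endpoint never redirects back, a later anonymous visit to the logout view pops the stale entry and ignores the caller's `next_url`. In the same block, `request.session['logout_redirections'] = targets` is written back even when the list has just been emptied, so it should be guarded with `if targets:`. The `logger.debug('... {}'.format(targets))` calls write full redirect URLs to the log, which may carry protocol data in the query string; lazy `%s` arguments that log only the host or the count would be safer.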
472
-