Bug #9195
Modify logout view to take in account redirections.
100%
Description
views.logout make a full logout with iframes and then a local logout.
It may be necessary to make logout by redirections before local logout.
Logout fragments are collected from plugins calling logout_list functions. Those currently return iframe html fragments. So they could also return a uri.
To dinstinguish them and keep compatibility, the patch propose to pass the uri in a dict.
Associated revisions
Handle logout by redirection from plugins (fixes #9195).
A new plugin method called redirect_logout_list is used to collect
urls of logout endpoints.
The local logout is done before processing redirections. Urls are collected
when the user is logged in and put in session after is logged out.
History
#1 Updated by Mikaël Ates about 4 years ago
- File deleted (
0001-Allow-redirections-in-logout-from-plugins.patch)
#2 Updated by Mikaël Ates about 4 years ago
- File 0001-Allow-redirections-in-logout-from-plugins.patch added
#3 Updated by Benjamin Dauvergne about 4 years ago
I would like the local logout to happen before the last redirection, so this patch is not acceptable currently.
#4 Updated by Benjamin Dauvergne almost 4 years ago
- Target version set to 2.2.0
#5 Updated by Mikaël Ates almost 4 years ago
- File 0001-Handle-logout-by-redirection-from-plugins.patch added
Local logout is now done before handling redirections.
The session dict is saved only when it's modified (https://docs.djangoproject.com/fr/1.9/topics/http/sessions/). That is not the case when I pop a value of a list recorded in the session. One solution is to use SESSION_SAVE_EVERY_REQUEST / request.session.modified. I prefered to pop the list from the dict, pop a value from it and record the list updated in the session.
#6 Updated by Mikaël Ates almost 4 years ago
- File deleted (
0001-Allow-redirections-in-logout-from-plugins.patch)
#7 Updated by Mikaël Ates almost 4 years ago
- File 0001-Handle-logout-by-redirection-from-plugins.patch added
#8 Updated by Mikaël Ates almost 4 years ago
- File deleted (
0001-Handle-logout-by-redirection-from-plugins.patch)
#9 Updated by Benjamin Dauvergne almost 4 years ago
C'est là qu'un test autour du logout aurait-été bien... Est-ce que tu ne pourrais pas modifier un peu moins la structure de contrôle ? La fonction est déjà complexe, et le changement ne la simplifiant pas j'aurai préféré que le changement soit moins intrusif.
#10 Updated by Mikaël Ates almost 4 years ago
Patch revised to set the info message and do the set cookie only at the local logout.
#11 Updated by Mikaël Ates almost 4 years ago
- File deleted (
0001-Handle-logout-by-redirection-from-plugins.patch)
#12 Updated by Mikaël Ates almost 4 years ago
La structure de contrôle sort de la fonction si l'utilisateur n'est pas loggué localement. Or la vue gère désormais les logouts par redirections après le logout local, ce qui m'a conduit à revoir la structure de contrôle. Si tu vois quelque chose de plus léger, dis moi.
#13 Updated by Benjamin Dauvergne almost 4 years ago
- Assignee changed from Benjamin Dauvergne to Mikaël Ates
#14 Updated by Benjamin Dauvergne almost 4 years ago
Avec le code actuel le next_url
d'origine est perdu quand targets n'est pas vide, j'ajouterai le patch suivant;
diff --git a/src/authentic2/views.py b/src/authentic2/views.py index ed348a2..13699bc 100644 --- a/src/authentic2/views.py +++ b/src/authentic2/views.py @@ -469,7 +469,7 @@ def logout(request, next_url=None, default_next_url='auth_homepage', local_logout_done = True # Put redirection targets in session (after logout) if targets: - request.session['logout_redirections'] = targets + request.session['logout_redirections'] = [next_url] + targets # Full logout by redirections if any targets = request.session.pop('logout_redirections', None) if targets:
Sinon on peut pousser je pense.
#15 Updated by Mikaël Ates almost 4 years ago
- File 0001-Handle-logout-by-redirection-from-plugins.patch View added
- Assignee changed from Mikaël Ates to Benjamin Dauvergne
J'ai ajouté next_url en fin de liste, car celle-ci est traitée avec pop(0), quelques commentaires et messages de debug.
#16 Updated by Benjamin Dauvergne almost 4 years ago
Ack.
#17 Updated by Mikaël Ates almost 4 years ago
- % Done changed from 0 to 100
- Status changed from Nouveau to Résolu (à déployer)
Appliqué par commit authentic2|9ae46032945172b9c03faa24f48651a77ec7008e.
#18 Updated by Benjamin Dauvergne almost 4 years ago
- Status changed from Résolu (à déployer) to Solution déployée
#19 Updated by Benjamin Dauvergne about 2 years ago
- Status changed from Solution déployée to Fermé