entrouvert
/
django-mellon
16
0
Fork 0
Code Issues Pull Requests Releases Activity

views: always do the local logout

This commit is contained in:
Benjamin Dauvergne 2014-05-02 15:58:48 +02:00
parent 6b8dcc5e78
commit d2feb75bb6
1 changed files with 16 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
mellon/views.py
View File

@ -173,18 +173,22 @@ class LogoutView(View):
referer = request.META.get('HTTP_REFERER')
if not referer or same_origin(referer, request.build_absolute_uri()):
if request.user.is_authenticated():
issuer = request.session.get('mellon_session', {}).get('issuer')
if issuer:
logout = utils.create_logout(request)
try:
logout.initRequest(issuer, lasso.HTTP_METHOD_REDIRECT)
logout.msgRelayState = next_url
logout.buildRequestMsg()
except lasso.Error, e:
log.error('unable to initiate a logout request %r', e)
else:
return HttpResponseRedirect(logout.msgUrl)
auth.logout(request)
try:
issuer = request.session.get('mellon_session', {}).get('issuer')
if issuer:
logout = utils.create_logout(request)
try:
logout.initRequest(issuer, lasso.HTTP_METHOD_REDIRECT)
logout.msgRelayState = next_url
logout.buildRequestMsg()
except lasso.Error, e:
log.error('unable to initiate a logout request %r', e)
else:
log.debug('sending LogoutRequest %r', logout.request.dump())
log.debug('to URL %r', logout.msgUrl)
return HttpResponseRedirect(logout.msgUrl)
finally:
auth.logout(request)
else:
log.warning('logout refused referer %r is not of the '
'same origin', referer)