entrouvert
/
glasnost
Archived
17
0
Fork 0
Code Issues Pull Requests Releases Activity

option DeleteSessionOnLogout qui permet la suppression de la session au logout

This commit is contained in:
fpeters 2004-03-07 17:52:27 +00:00
parent 9c00678b69
commit 0bcdd20e04
2 changed files with 24 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.config
View File

@ -71,6 +71,9 @@ CacheTime:
Debug:
Show debugging information when an error occurs. (default: false)
DeleteSessionOnLogout:
(default: false)
DisableSpellchecking:
Disable spellchecking (used in <textarea> previews). (default: false)

25
shared/web/IdentitiesWeb.py
View File

@ -85,8 +85,7 @@ from glasnost.proxy.tools import getProxyForServerRole
import ObjectsWeb as objects
import things
from tools import OK, HTTP_NO_CONTENT, accessForbidden, failure, \
getWeb, getWebForServerRole, redirect, writePageLayout
from tools import *
class AdminIdentities(objects.AdminMixin, proxyIdentities.AdminIdentities):
@ -775,14 +774,32 @@ class IdentitiesWeb(objects.ObjectsWebMixin, proxyIdentities.IdentitiesProxy):
def logout(self):
self.deleteUserToken()
session = context.getVar('session')
if session is not None:
# Don't delete the session, just remove userToken from it.
if webTools.getConfig('DeleteSessionOnLogout'):
if session:
try:
getProxyForServerRole('sessions').deleteSession(
context.getVar('sessionToken'))
except UnknownSessionToken:
# uh ?
pass
nextUri = context.getVar('nextUri') or ''
if not nextUri:
nextUri = '/'
else:
nextUri = cleanUpUri(nextUri, ['sessionToken'])
return redirect(nextUri)
# Don't delete the session, just remove userToken from it.
if session:
context.setVar('userId', None)
context.setVar('user', None)
if session.has_key('userToken'):
del session['userToken']
session['isDirty'] = 1
context.setVar('userToken', '')
# if not context.getVar('sessionTokenInCookie', default = 0):
# # The sessionToken was not stored in a cookie, so don't try to
# # use