Commit 28fcb558 authored by ale's avatar ale

Handle the double-logout case more cleanly

Do not attempt to call backends (keystore) with empty usernames.
parent f3fd32c0
Pipeline #6151 passed with stages
in 3 minutes and 39 seconds
......@@ -330,6 +330,10 @@ type logoutServiceInfo struct {
// Logout handler. We generate a page that triggers child logout
// requests to all the services the user is logged in to.
//
// Unauthenticated requests to /logout will fall through to this
// handler, but auth.Username will be empty in that case. We are
// still going to show the logout page to avoid confusion.
func (h *Server) handleLogout(w http.ResponseWriter, req *http.Request) {
auth, ok := login.GetAuth(req.Context())
if !ok {
......@@ -337,8 +341,6 @@ func (h *Server) handleLogout(w http.ResponseWriter, req *http.Request) {
return
}
//
var svcs []logoutServiceInfo
for _, svc := range auth.Services {
svcs = append(svcs, logoutServiceInfo{
......@@ -354,8 +356,8 @@ func (h *Server) handleLogout(w http.ResponseWriter, req *http.Request) {
"IncludeLogoutScripts": true,
}
// Close the keystore.
if h.keystore != nil {
// Close the keystore (only if the session had a valid username).
if h.keystore != nil && auth.Username != "" {
var shard string
if auth.UserInfo != nil {
shard = auth.UserInfo.Shard
......
......@@ -190,8 +190,10 @@ func (l *Login) ServeHTTP(w http.ResponseWriter, req *http.Request) {
// wrapped handler. Note that the Auth object will still
// contain valid data, but Authenticated will be set to false.
if req.URL.Path == l.urlFor("/logout") {
log.Printf("logging out user %s", session.Username)
session.Authenticated = false
if session.Authenticated {
log.Printf("logging out user %s", session.Username)
session.Authenticated = false
}
session.Delete()
} else if !session.Authenticated {
// Save the current URL in the session for later redirect.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment