Commit 198f7394 authored by ale's avatar ale

Do not ask for explicit confirmation on logout

Fixes issue #8.
parent 07c9a990
Pipeline #2146 passed with stages
in 1 minute and 41 seconds
......@@ -1247,7 +1247,6 @@ func templatesLogin_u2fHtml() (*asset, error) {
var _templatesLogoutHtml = []byte(`{{template "header" .}}
{{if .IsPOST}}
<div class="form-signin">
<h1 class="form-signin-heading>">Sign Out</h1>
......@@ -1287,26 +1286,6 @@ var _templatesLogoutHtml = []byte(`{{template "header" .}}
<div id="services" data-services="{{.ServicesJSON}}"></div>
</div>
{{else}}
<form class="form-signin" action="{{.URLPrefix}}/logout" method="post">
{{.CSRFField}}
<h1 class="form-signin-heading">Sign Out</h1>
<p>
You are about to sign out from the following services:
</p>
<ul>
{{range .Services}}
<li>{{.Name}}</li>
{{end}}
</ul>
<button type="submit" class="btn btn-lg btn-primary btn-block">Logout</button>
</form>
{{end}}
{{template "footer" .}}
`)
......@@ -1321,7 +1300,7 @@ func templatesLogoutHtml() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "templates/logout.html", size: 1524, mode: os.FileMode(420), modTime: time.Unix(1541234913, 0)}
info := bindataFileInfo{name: "templates/logout.html", size: 1063, mode: os.FileMode(420), modTime: time.Unix(1548600535, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
......
......@@ -299,37 +299,34 @@ func (h *Server) handleLogout(w http.ResponseWriter, req *http.Request, session
})
}
svcJSON, _ := json.Marshal(svcs) // nolint
data := map[string]interface{}{
"CSRFField": csrf.TemplateField(req),
"URLPrefix": h.urlPrefix,
"Services": svcs,
"IsPOST": false,
"CSRFField": csrf.TemplateField(req),
"URLPrefix": h.urlPrefix,
"Services": svcs,
"IncludeLogoutScripts": true,
"ServicesJSON": string(svcJSON),
}
if req.Method == "POST" {
data["IsPOST"] = true
data["IncludeLogoutScripts"] = true
svcJSON, _ := json.Marshal(svcs) // nolint
data["ServicesJSON"] = string(svcJSON)
// Clear the local session. Ignore errors.
httpSession, _ := h.authSessionStore.Get(req, authSessionKey) // nolint
httpSession.Options.MaxAge = -1
httpSession.Save(req, w) // nolint
// Close the keystore.
if h.keystore != nil {
var shard string
if session.UserInfo != nil {
shard = session.UserInfo.Shard
}
if err := h.keystore.Close(req.Context(), shard, session.Username); err != nil {
log.Printf("failed to wipe keystore for user %s: %v", session.Username, err)
}
// Clear the local session. Ignore errors.
httpSession, _ := h.authSessionStore.Get(req, authSessionKey) // nolint
delete(httpSession.Values, "data")
httpSession.Options.MaxAge = -1
httpSession.Save(req, w) // nolint
// Close the keystore.
if h.keystore != nil {
var shard string
if session.UserInfo != nil {
shard = session.UserInfo.Shard
}
if err := h.keystore.Close(req.Context(), shard, session.Username); err != nil {
log.Printf("failed to wipe keystore for user %s: %v", session.Username, err)
}
w.Header().Set("Content-Security-Policy", logoutContentSecurityPolicy)
}
w.Header().Set("Content-Security-Policy", logoutContentSecurityPolicy)
h.tpl.ExecuteTemplate(w, "logout.html", data) // nolint
}
......
{{template "header" .}}
{{if .IsPOST}}
<div class="form-signin">
<h1 class="form-signin-heading>">Sign Out</h1>
......@@ -40,25 +39,5 @@
<div id="services" data-services="{{.ServicesJSON}}"></div>
</div>
{{else}}
<form class="form-signin" action="{{.URLPrefix}}/logout" method="post">
{{.CSRFField}}
<h1 class="form-signin-heading">Sign Out</h1>
<p>
You are about to sign out from the following services:
</p>
<ul>
{{range .Services}}
<li>{{.Name}}</li>
{{end}}
</ul>
<button type="submit" class="btn btn-lg btn-primary btn-block">Logout</button>
</form>
{{end}}
{{template "footer" .}}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment