Commit f8078d94 authored by marcel's avatar marcel
Browse files

Fix cookie removal at logout.

parent 2ea1c48f
...@@ -252,15 +252,16 @@ class RootController(AbstractController): ...@@ -252,15 +252,16 @@ class RootController(AbstractController):
@cherrypy.expose @cherrypy.expose
@cherrypy.tools.method(accept="GET") @cherrypy.tools.method(accept="GET")
def logout(self, path="/"): def logout(self, path="/"):
# remove some cookies
cookies = ["ROUTEID"]
for c in cookies:
if c in cherrypy.response.cookie:
cherrypy.response.cookie[c]["expires"] = 0
vispa.fire_callback("user.logout", cherrypy.request.user) vispa.fire_callback("user.logout", cherrypy.request.user)
vispa.socketbus.remove_session(self.get("window_id")) vispa.socketbus.remove_session(self.get("window_id"))
cherrypy.lib.sessions.expire() cherrypy.lib.sessions.expire()
# remove all cookies
for key in cherrypy.response.cookie.keys():
cherrypy.response.cookie[key] = ""
cherrypy.response.cookie[key]["expires"] = 0
cherrypy.response.cookie[key]["max-age"] = 0
raise cherrypy.HTTPRedirect(vispa.url.dynamic(path)) raise cherrypy.HTTPRedirect(vispa.url.dynamic(path))
@cherrypy.expose @cherrypy.expose
...@@ -273,7 +274,7 @@ class RootController(AbstractController): ...@@ -273,7 +274,7 @@ class RootController(AbstractController):
"welcome_phrase": vispa.config("web", "text.welcome", ""), "welcome_phrase": vispa.config("web", "text.welcome", ""),
"username": None if not isinstance(user, User) else user.name, "username": None if not isinstance(user, User) else user.name,
"hash": hash, "hash": hash,
"cache_bust" : self.cache_bust "cache_bust": self.cache_bust
} }
return data return data
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment