diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-05-06 21:31:04 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-05-06 21:31:04 -0700 |
| commit | e62544064299324ab04abae64cc33afef12a24aa (patch) | |
| tree | 35e6be98cfd814c64d10f148b2e6a8e8b6fb1ae3 /httemplate | |
| parent | 3ff1fb4e10fdaef86527c10bd416e988d2a62a49 (diff) | |
NG auth: use database session keys, RT#21563
Diffstat (limited to 'httemplate')
| -rw-r--r-- | httemplate/loginout/login.html | 34 | ||||
| -rw-r--r-- | httemplate/loginout/logout.html | 11 |
2 files changed, 26 insertions, 19 deletions
diff --git a/httemplate/loginout/login.html b/httemplate/loginout/login.html index e5b4589..a67ea4b 100644 --- a/httemplate/loginout/login.html +++ b/httemplate/loginout/login.html @@ -39,30 +39,34 @@ my %error = ( 'no_cookie' => '', #First login, don't display an error - 'bad_cookie' => 'Bad Cookie', #timed out? server reboot? + 'bad_cookie' => 'Bad Cookie', #timed out? 'bad_credentials' => 'Incorrect username / password', - 'logout' => 'You have been logged out.', + #'logout' => 'You have been logged out.', ); -my $url_string = CGI->new->url; +my $error = # $cgi->param('logout') || + $r->prev->subprocess_env("AuthCookieReason"); -my $error = $cgi->param('logout') || $r->prev->subprocess_env("AuthCookieReason"); $error = exists($error{$error}) ? $error{$error} : $error; + +#my $url_string = CGI->new->url; +my $url_string = $cgi->url; + #fake a freeside path for /login so we get our .css. shrug $url_string =~ s/login$/freeside\/login/ unless $url_string =~ /freeside\//; #even though this is kludgy and false laziness w/CGI.pm - $url_string =~ s{ / index\.html /? $ } - {/}x; - $url_string =~ - s{ - /(login|loginout) - ([\w\-\.\/]*) - $ - } - {}ix; - - $url_string .= '/' unless $url_string =~ /\/$/; +$url_string =~ s{ / index\.html /? $ } + {/}x; +$url_string =~ + s{ + /(login|loginout) + ([\w\-\.\/]*) + $ + } + {}ix; + +$url_string .= '/' unless $url_string =~ /\/$/; </%init> diff --git a/httemplate/loginout/logout.html b/httemplate/loginout/logout.html index 33b87fe..5626aa4 100644 --- a/httemplate/loginout/logout.html +++ b/httemplate/loginout/logout.html @@ -1,10 +1,13 @@ -<% $cgi->redirect($fsurl.'?logout=logout') %> +<% $cgi->redirect($redirect) %> <%init> -my $auth_type = $r->auth_type; +# Delete the server-side session +$FS::CurrentUser::CurrentSession->logout; -# Delete the cookie, etc. +# Delete the browser cookie, etc. +my $auth_type = $r->auth_type; $auth_type->logout($r); -#XXX etc: should delete the server-side session + +my $redirect = $fsurl; #.'?logout=logout'; </%init> |