Unauthenticated logout (#2342)

2020-12-05 19:31:23 +01:00 · 2020-12-05 19:31:23 +01:00 · b2306cc8ad
commit b2306cc8ad
parent 2d2bcac4a7
2 changed files with 31 additions and 12 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
@ -179,6 +179,24 @@ sub checkLogout {
    PE_OK;
 }

+sub checkUnauthLogout {
+    my ( $self, $req ) = @_;
+    if ( defined $req->param('logout') ) {
+        $req->pdata({});
+        $req->addCookie(
+            $self->cookie(
+                name    => $self->conf->{cookieName},
+                domain  => $self->conf->{domain},
+                secure  => $self->conf->{securedCookie},
+                expires => 'Wed, 21 Oct 2015 00:00:00 GMT',
+                value   => 0
+            )
+        );
+        $req->steps( [ sub { PE_LOGOUT_OK } ] );
+    }
+    PE_OK;
+}
+
 sub authLogout {
    my ( $self, $req ) = @_;
    my $res = $self->_authentication->authLogout($req);
@ -349,7 +367,7 @@ sub authenticate {
    $req->steps( [
            'setSessionInfo',           'setMacros',
            'setPersistentSessionInfo', 'storeHistory',
-            @{ $self->afterData }, sub { PE_BADCREDENTIALS }
+            @{ $self->afterData },      sub { PE_BADCREDENTIALS }
        ]
    );

--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@ -9,7 +9,7 @@
 #
 package Lemonldap::NG::Portal::Main::Run;

-our $VERSION = '2.0.9';
+our $VERSION = '2.0.10';

 package Lemonldap::NG::Portal::Main;

@ -133,10 +133,11 @@ sub login {
    return $self->do(
        $req,
        [
-            'controlUrl',        @{ $self->beforeAuth },
-            $self->authProcess,  @{ $self->betweenAuthAndData },
-            $self->sessionData,  @{ $self->afterData },
-            $self->validSession, @{ $self->endAuth },
+            'checkUnauthLogout', 'controlUrl',    # Fix 2342
+            @{ $self->beforeAuth },         $self->authProcess,
+            @{ $self->betweenAuthAndData }, $self->sessionData,
+            @{ $self->afterData },          $self->validSession,
+            @{ $self->endAuth }
        ]
    );
 }
@ -146,11 +147,11 @@ sub postLogin {
    return $self->do(
        $req,
        [
-            'restoreArgs',                  'controlUrl',
-            @{ $self->beforeAuth },         $self->authProcess,
-            @{ $self->betweenAuthAndData }, $self->sessionData,
-            @{ $self->afterData },          $self->validSession,
-            @{ $self->endAuth },
+            'checkUnauthLogout', 'restoreArgs',            # Fix 2342
+            'controlUrl',        @{ $self->beforeAuth },
+            $self->authProcess,  @{ $self->betweenAuthAndData },
+            $self->sessionData,  @{ $self->afterData },
+            $self->validSession, @{ $self->endAuth }
        ]
    );
 }
@ -1053,7 +1054,7 @@ sub registerLogin {
    }

    my $history = $req->sessionInfo->{_loginHistory} ||= {};
-    my $type = ( $req->authResult > 0 ? 'failed' : 'success' ) . 'Login';
+    my $type    = ( $req->authResult > 0 ? 'failed' : 'success' ) . 'Login';
    $history->{$type} ||= [];
    $self->logger->debug("Current login saved into $type");