Logout POST action (#10582)

* Change logout to POST

* Update for redirect

Signed-off-by: jolheiser <john.olheiser@gmail.com>
tokarchuk/v1.17
John Olheiser 5 years ago committed by GitHub
parent bea497ff96
commit 0e2217bd2d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      integrations/signout_test.go
  2. 2
      routers/routes/routes.go
  3. 2
      templates/base/head_navbar.tmpl
  4. 3
      web_src/js/index.js

@ -14,7 +14,7 @@ func TestSignOut(t *testing.T) {
session := loginUser(t, "user2") session := loginUser(t, "user2")
req := NewRequest(t, "GET", "/user/logout") req := NewRequest(t, "POST", "/user/logout")
session.MakeRequest(t, req, http.StatusFound) session.MakeRequest(t, req, http.StatusFound)
// try to view a private repo, should fail // try to view a private repo, should fail

@ -413,7 +413,7 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Post("/recover_account", user.ResetPasswdPost) m.Post("/recover_account", user.ResetPasswdPost)
m.Get("/forgot_password", user.ForgotPasswd) m.Get("/forgot_password", user.ForgotPasswd)
m.Post("/forgot_password", user.ForgotPasswdPost) m.Post("/forgot_password", user.ForgotPasswdPost)
m.Get("/logout", user.SignOut) m.Post("/logout", user.SignOut)
}) })
// ***** END: User ***** // ***** END: User *****

@ -115,7 +115,7 @@
{{end}} {{end}}
<div class="divider"></div> <div class="divider"></div>
<a class="item" href="{{AppSubUrl}}/user/logout"> <a class="item link-action" href data-url="{{AppSubUrl}}/user/logout" data-redirect="{{AppSubUrl}}/">
{{svg "octicon-sign-out" 16}} {{svg "octicon-sign-out" 16}}
{{.i18n.Tr "sign_out"}}<!-- Sign Out --> {{.i18n.Tr "sign_out"}}<!-- Sign Out -->
</a> </a>

@ -2741,11 +2741,14 @@ function showAddAllPopup() {
function linkAction() { function linkAction() {
const $this = $(this); const $this = $(this);
const redirect = $this.data('redirect');
$.post($this.data('url'), { $.post($this.data('url'), {
_csrf: csrf _csrf: csrf
}).done((data) => { }).done((data) => {
if (data.redirect) { if (data.redirect) {
window.location.href = data.redirect; window.location.href = data.redirect;
} else if (redirect) {
window.location.href = redirect;
} else { } else {
window.location.reload(); window.location.reload();
} }

Loading…
Cancel
Save