third_party
/
gitea
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Forcibly clean and destroy the session on logout (#11447)

Browse Source 
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
tokarchuk/v1.17
zeripath 5 years ago committed by GitHub
parent 5cf224abe3
commit a0d35fb6ad
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 5 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 7
      routers/user/auth.go

7
routers/user/auth.go
Unescape View File

@ -994,11 +994,8 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au
// HandleSignOut resets the session and sets the cookies
func HandleSignOut(ctx *context.Context) {
_ = ctx.Session.Delete("uid")
_ = ctx.Session.Delete("uname")
_ = ctx.Session.Delete("socialId")
_ = ctx.Session.Delete("socialName")
_ = ctx.Session.Delete("socialEmail")
_ = ctx.Session.Flush()
_ = ctx.Session.Destroy(ctx.Context)
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)

Write Preview
Loading…
Cancel
Save