Example #1
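def check_session_cookie(response):
    u'''
    Remove stale session and auth cookies from an outgoing response.

    The cookies for auth (auth_tkt) and session (ckan) are separate. This
    checks whether a user is logged in, and determines the validity of the
    session cookie, removing it if necessary.

    :param response: the response object; ``delete_cookie`` is called on it
        for every cookie that should be dropped
    :returns: the same ``response`` object
    '''
    for cookie in request.cookies:
        # Remove the ckan session cookie if logged out.
        if cookie == u'ckan' and not getattr(g, u'user', None):
            # A session counts as live when any key without a leading
            # underscore holds a truthy value (this includes flash messages).
            is_valid_cookie_data = any(
                not key.startswith(u'_') and value
                for key, value in session.items())
            if not is_valid_cookie_data:
                if session.id:
                    log.debug(u'No valid session data - deleting session')
                    # Log key names only. The values left in the session at
                    # this point are the underscore-prefixed entries, which
                    # may include tokens that should not reach log files.
                    log.debug(
                        u'Session keys: %r',
                        [key for key, _value in session.items()])
                    session.delete()
                else:
                    log.debug(u'No session id - deleting session cookie')
                    response.delete_cookie(cookie)
        # Remove auth_tkt repoze.who cookie if user not logged in.
        elif cookie == u'auth_tkt' and not session.id:
            response.delete_cookie(cookie)

    return response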
Example #2
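def check_session_cookie(response):
    u'''
    Drop the ``ckan`` session cookie and the ``auth_tkt`` auth cookie when
    they no longer correspond to a logged-in user or a usable session.

    The two cookies are independent of each other: ``auth_tkt`` carries the
    authentication ticket, ``ckan`` carries the session.

    :param response: response object whose ``delete_cookie`` is used
    :returns: the ``response`` object that was passed in
    '''
    for cookie in request.cookies:
        if cookie == u'auth_tkt':
            # Remove auth_tkt repoze.who cookie if there is no session id.
            if not session.id:
                response.delete_cookie(cookie)
            continue

        # Only the ckan session cookie of a logged-out user is examined.
        if cookie != u'ckan' or getattr(g, u'user', None):
            continue

        # Look for real data: a key that does not start with an underscore
        # and has a truthy value (flash messages count).
        has_data = False
        for key, value in session.items():
            if not key.startswith(u'_') and value:
                has_data = True
                break
        if has_data:
            continue

        if not session.id:
            log.debug(u'No session id - deleting session cookie')
            response.delete_cookie(cookie)
            continue

        log.debug(u'No valid session data - deleting session')
        # Session values are kept out of the log; key names are enough to
        # diagnose why the session was considered empty.
        remaining_keys = [key for key, _value in session.items()]
        log.debug(u'Session keys: %r', remaining_keys)
        session.delete()

    return response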
Example #3
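def user_logout(context, data_dict):
    """Perform the user logout.

    Logs the user out, deletes the server-side session if it has an id and
    clears the flask session. Neither ``context`` nor ``data_dict`` is read
    by this function.

    :returns: the string ``"logout successful"``
    :rtype: string

    :raises logic.NotAuthorized: if the request still carries an
        ``auth_tkt`` cookie after the steps above; the function reports
        this instead of deleting the cookie itself
    """

    user.logout()

    if session.id:
        # Log key names only so session values (which may include tokens)
        # do not end up in log files.
        log.debug(u'Deleting Session, keys: %r',
                  [key for key, _value in session.items()])
        session.delete()

    # Clear flask session. This stays best-effort, but only ordinary errors
    # are swallowed: a bare ``except`` would also hide SystemExit and
    # KeyboardInterrupt.
    try:
        flask.session.clear()
    except Exception:
        log.exception("flask session could not be deleted")

    # check if user remains in context
    if toolkit.c.user:
        log.warning('user could be still logged in ({0})'.format(
            toolkit.c.user))

    # check if authorization cookie remains
    for cookie in request.cookies:
        if cookie == u'auth_tkt':
            message = "found cookie {0}, user needs to log out from UI".format(
                cookie)
            log.warning(message)
            raise logic.NotAuthorized(message)

    return "logout successful"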
Example #4
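    def logged_out(self):
        """
        Clear the login state and redirect the browser after logout.

        Accounts came_from. If specified, logs out of ckan only. If not specified, logs out of both ckan and wotkit.

        ``logout_came_from`` is read from the session before the session is
        deleted. It is treated as a comma-separated chain: the part before
        the first comma is the next redirect target and the remainder is
        passed on to it as the ``came_from`` query parameter.
        """
        came_from = session.get('logout_came_from')
        log.debug("came from: %s", came_from)
        c.user = None
        session.delete()
        if came_from:
            # extract came_from and construct new came from before redirecting
            #
            # NOTE(review): the redirect target comes from session data. If
            # 'logout_came_from' can be filled from a request parameter,
            # check the target against the hosts this deployment trusts
            # before redirecting, otherwise this is an open redirect. The
            # remainder is also appended without URL-encoding - confirm the
            # receiving side expects it raw.
            next_redirect_url, _sep, remaining_came_from = came_from.partition(',')
            if remaining_came_from:
                redirect_url = next_redirect_url + "?came_from=" + remaining_came_from
            else:
                redirect_url = next_redirect_url
            log.debug("redirecting logout to: %s", redirect_url)
            routes.redirect_to(str(redirect_url))
        else:
            # redirect user to logout url
            url = config_globals.get_logout_success_url()
            routes.redirect_to(str(url))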
Example #5
 def logged_out(self):
     """Clear the user and session, then redirect to the logged-out page.

     The language stored in the session is read before the session is
     deleted so that it can be passed as the ``locale`` of the redirect.
     """
     c.user = None
     # Must happen before session.delete(): the value is needed afterwards.
     locale = session.get('lang')
     session.delete()
     h.redirect_to(
         locale=locale,
         controller='user',
         action='logged_out_page',
     )
Example #6
 def logged_out(self):
     """Finish a logout: forget the user, delete the session, redirect.

     The redirect goes to the ``logged_out_page`` action of the ``user``
     controller, in the language that was stored in the session.
     """
     # Collect the redirect arguments first; 'lang' is no longer available
     # from the session once it has been deleted.
     target = {
         'locale': session.get('lang'),
         'controller': 'user',
         'action': 'logged_out_page',
     }
     c.user = None
     session.delete()
     h.redirect_to(**target)