def test_logout_anonymous(self, mock_legacy, mock_sessions):
"""An anonymous user requests to log out."""
mock_legacy.sessions.invalidate_session.return_value = None
mock_sessions.invalidate_session.return_value = None
next_page = '/'
data, status_code, header = logout(None, None, next_page)
self.assertEqual(status_code, status.HTTP_303_SEE_OTHER,
"Redirects user to next page")
self.assertEqual(header['Location'], next_page,
"Redirects user to next page.")
def test_logout(self, mock_legacy, mock_sessions):
"""A logged-in user requests to log out."""
mock_legacy.sessions.invalidate_session.return_value = None
mock_sessions.invalidate_session.return_value = None
next_page = '/'
session_id = 'foosession'
classic_id = 'bazsession'
data, status_code, header = logout(session_id, classic_id, next_page)
self.assertEqual(status_code, status.HTTP_303_SEE_OTHER,
"Redirects user to next page")
self.assertEqual(header['Location'], next_page,
"Redirects user to next page.")
def logout() -> Response:
"""Log out of arXiv."""
session_cookie_key = current_app.config['SESSION_COOKIE_NAME']
classic_cookie_key = current_app.config['CLASSIC_COOKIE_NAME']
session_cookie = request.cookies.get(session_cookie_key, None)
classic_cookie = request.cookies.get(classic_cookie_key, None)
next_page = request.args.get('next_page', url_for('ui.login'))
logger.debug('Request to log out, then redirect to %s', next_page)
data, code, headers = authentication.logout(session_cookie, classic_cookie,
next_page)
# Flask puts cookie-setting methods on the response, so we do that here
# instead of in the controller.
if code is status.HTTP_303_SEE_OTHER:
logger.debug('Redirecting to %s: %i', headers.get('Location'), code)
response = make_response(redirect(headers.get('Location'), code=code))
set_cookies(response, data)
unset_submission_cookie(response) # Fix for ARXIVNG-1149.
return response
return redirect(url_for('get_login'), code=status.HTTP_302_FOUND)
def logout() -> Response:
"""Log out of arXiv."""
session_cookie_key = current_app.config['AUTH_SESSION_COOKIE_NAME']
classic_cookie_key = current_app.config['CLASSIC_COOKIE_NAME']
session_cookie = request.cookies.get(session_cookie_key, None)
classic_cookie = request.cookies.get(classic_cookie_key, None)
default_next_page = current_app.config['DEFAULT_LOGOUT_REDIRECT_URL']
next_page = request.args.get('next_page', default_next_page)
logger.debug('Request to log out, then redirect to %s', next_page)
data, code, headers = authentication.logout(session_cookie, classic_cookie,
next_page)
# Flask puts cookie-setting methods on the response, so we do that here
# instead of in the controller.
if code is status.HTTP_303_SEE_OTHER:
logger.debug('Redirecting to %s: %i', headers.get('Location'), code)
response = make_response(redirect(headers.get('Location'), code=code))
set_cookies(response, data)
unset_submission_cookie(response) # Fix for ARXIVNG-1149.
# Partial fix for ARXIVNG-1653, ARXIVNG-1644
unset_permanent_cookie(response)
return response
return redirect(next_page, code=status.HTTP_302_FOUND)