示例#1
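def check_session_cookie(response):
    u'''
    The cookies for auth (auth_tkt) and session (ckan) are separate. This
    checks whether a user is logged in, and determines the validity of the
    session cookie, removing it if necessary.

    :param response: response object; ``delete_cookie(name)`` is called on
        it for every cookie that should be dropped
    :returns: the same ``response`` object that was passed in
    '''
    for cookie in request.cookies:
        # Remove the ckan session cookie if logged out.
        if cookie == u'ckan' and not getattr(g, u'user', None):
            # Check session for valid data (including flash messages).
            # Keys starting with "_" are skipped; one other key with a
            # truthy value is enough to keep the session.
            is_valid_cookie_data = any(
                not key.startswith(u'_') and value
                for key, value in session.items()
            )
            if not is_valid_cookie_data:
                if session.id:
                    log.debug(u'No valid session data - deleting session')
                    # Log key names only: session values can hold data that
                    # should not end up in log files.
                    log.debug(
                        u'Session keys: %r',
                        [key for key, _ in session.items()])
                    session.delete()
                else:
                    log.debug(u'No session id - deleting session cookie')
                    response.delete_cookie(cookie)
        # Remove auth_tkt repoze.who cookie if user not logged in.
        elif cookie == u'auth_tkt' and not session.id:
            response.delete_cookie(cookie)

    return response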
示例#2
文件: __init__.py 项目: espona/ckan
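def check_session_cookie(response):
    u'''
    The cookies for auth (auth_tkt) and session (ckan) are separate. This
    checks whether a user is logged in, and determines the validity of the
    session cookie, removing it if necessary.

    :param response: response object on which ``delete_cookie(name)`` is
        called for cookies that are no longer wanted
    :returns: ``response``, the object that was passed in
    '''
    for cookie in request.cookies:
        # Remove the ckan session cookie if logged out.
        if cookie == u'ckan' and not getattr(g, u'user', None):
            # A session is worth keeping when at least one key that does
            # not start with "_" has a truthy value (flash messages count).
            if any(not key.startswith(u'_') and value
                   for key, value in session.items()):
                continue

            if session.id:
                log.debug(u'No valid session data - deleting session')
                # Only the key names are logged; the stored values are kept
                # out of the log output on purpose.
                session_keys = [key for key, _ in session.items()]
                log.debug(u'Session keys: %r', session_keys)
                session.delete()
            else:
                log.debug(u'No session id - deleting session cookie')
                response.delete_cookie(cookie)
        # Remove auth_tkt repoze.who cookie if user not logged in.
        elif cookie == u'auth_tkt' and not session.id:
            response.delete_cookie(cookie)

    return response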
示例#3
文件: base.py 项目: tino097/ckan
def _is_valid_session_cookie_data() -> bool:
    """Report whether the current session holds any usable data.

    Keys that start with an underscore are skipped. The session counts as
    valid as soon as one of the remaining keys has a truthy value.
    """
    return any(
        not name.startswith(u'_') and stored
        for name, stored in session.items()
    )
示例#4
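def user_logout(context, data_dict):
    """Perform the user logout.

    Calls ``user.logout()``, deletes the session if it has an id, clears
    the flask session, and then checks whether login state is still
    visible on the request. ``context`` and ``data_dict`` are not read by
    this function body.

    :returns: the string ``"logout successful"``
    :rtype: string
    :raises logic.NotAuthorized: if the request still carries an
        ``auth_tkt`` cookie
    """

    user.logout()

    if session.id:
        # Log key names only: session values can hold data that should not
        # be written to log files.
        log.debug(
            u'Deleting Session keys: %r',
            [key for key, _ in session.items()])
        session.delete()

    # Clear flask session
    try:
        flask.session.clear()
    except Exception:
        # Best effort: keep going so the checks below still run, but record
        # the traceback. A bare ``except`` would also swallow SystemExit
        # and KeyboardInterrupt.
        log.error("flask session could no be deleted", exc_info=True)

    # check if user remains in context
    if toolkit.c.user:
        log.warning('user could be still logged in ({0})'.format(
            toolkit.c.user))

    # check if authorization cookie remains
    # Nothing in this function removes the cookie from the client, so the
    # caller is told to log out through the UI. The session cleanup above
    # has already run by the time this is raised.
    for cookie in request.cookies:
        if cookie == u'auth_tkt':
            message = (
                "found cookie {0}, user needs to log out from UI".format(
                    cookie))
            log.warning(message)
            raise logic.NotAuthorized(message)

    return "logout successful"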