
DIV-1262 - Delete the SMSESSION cookie when the user logs out - using Django instead of JS

pull/172/head
Michael Olund 5 years ago
parent
commit
4db9e4565a
5 changed files with 10 additions and 23 deletions
  1. +1
    -3
      edivorce/apps/core/middleware/keycloak.py
  2. +0
    -19
      edivorce/apps/core/static/js/main.js
  3. +1
    -1
      edivorce/apps/core/templates/base.html
  4. +1
    -0
      edivorce/apps/core/urls.py
  5. +7
    -0
      edivorce/apps/core/views/main.py

+ 1
- 3
edivorce/apps/core/middleware/keycloak.py

@ -46,7 +46,5 @@ class EDivorceKeycloakBackend(OIDCAuthenticationBackend):
def keycloak_logout(request):
request.session.flush()
redirect_uri = absolutify(request, settings.FORCE_SCRIPT_NAME)
redirect_uri = absolutify(request, settings.FORCE_SCRIPT_NAME[:-1] + '/logout')
return f'{settings.KEYCLOAK_LOGOUT}?redirect_uri={redirect_uri}'
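Review bot: The new `redirect_uri` in `keycloak_logout` is interpolated into the Keycloak logout URL without percent-encoding, and its path is built by slicing `settings.FORCE_SCRIPT_NAME[:-1]`, which is only correct while that setting ends in `/`. Now that the value carries a path, I would encode it, `return f'{settings.KEYCLOAK_LOGOUT}?{urlencode({"redirect_uri": redirect_uri})}'` (with `from urllib.parse import urlencode`; this file's imports are not visible here). The path could come from the URL name this commit adds in urls.py, `redirect_uri = absolutify(request, reverse('logout'))`, assuming `reverse` resolves under the script prefix in this deployment. The value presumably also has to match a redirect URI registered for the client in Keycloak, so a short comment naming that dependency would help the next reader.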

+ 0
- 19
edivorce/apps/core/static/js/main.js

@ -899,27 +899,8 @@ var initializeChildRowControls = function(element) {
element.find('#cancel_delete_child').on('click', function() {
$('#delete_child_modal').modal('hide');
});
$('form#logoutForm').submit(function(e) {
deleteCookie("SMSESSION", "/", ".gov.bc.ca");
});
};
var deleteCookie = function(name, path, domain) {
if( getCookie(name) ) {
document.cookie = name + "=" +
((path) ? ";path="+path:"")+
((domain)?";domain="+domain:"") +
";expires=Thu, 01 Jan 1970 00:00:01 GMT";
}
}
var getCookie = function(name){
return document.cookie.split(';').some(c => {
return c.trim().startsWith(name + '=');
});
}
var populateChildInputFields = function(element) {
$('.children-questions').show();
$('.children-list').hide();


+ 1
- 1
edivorce/apps/core/templates/base.html

@ -54,7 +54,7 @@
<div class="top_banner-user">
{% if request.user.is_authenticated %}
<span>
<form id="logoutForm" action="{% url 'oidc_logout' %}" method="post">
<form action="{% url 'oidc_logout' %}" method="post">
{{ request.user.display_name}}
&nbsp;&nbsp;|&nbsp;&nbsp;
{% csrf_token %}


+ 1
- 0
edivorce/apps/core/urls.py

@ -13,6 +13,7 @@ urlpatterns = [
path('api/documents/<doc_type>/<int:party_code>/<filename>x/<int:size>/', api.DocumentView.as_view(), name='document'),
url(r'^signin$', main.after_login, name="signin"),
url(r'^logout$', main.after_logout, name="logout"),
url(r'^register$', main.register, name="register"),
url(r'^register_sc$', main.register_sc, name="register_sc"),
url(r'^overview$', main.overview, name="overview"),
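Review bot: The `^logout$` route is registered with no method restriction, and `after_logout` in views/main.py carries no decorator, so any request to it, including a cross-site GET, clears the browser's SMSESSION cookie. The impact looks limited to a forced sign-out, but it should be stated as intended, e.g. `# Post-logout landing URL for the Keycloak redirect; intentionally public` above the entry, with `@require_GET` on the view. The name `logout` also sits next to `oidc_logout` used in base.html; `name="after_logout"` would keep the two from being confused.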


+ 7
- 0
edivorce/apps/core/views/main.py

@ -1,5 +1,6 @@
from django.conf import settings
from django.contrib import messages
from django.http import HttpResponseRedirect
from django.shortcuts import render, redirect
from django.urls import reverse
from django.contrib.auth.decorators import login_required
@ -120,6 +121,12 @@ def after_login(request):
return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/overview')
def after_logout(request):
response = HttpResponseRedirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME)
response.delete_cookie(key="SMSESSION", domain=".gov.bc.ca", path="/")
return response
@login_required
@prequal_completed
@intercept
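Review bot: `response.delete_cookie(key="SMSESSION", domain=".gov.bc.ca", path="/")` in `after_logout` only tells the browser to drop its copy of the cookie; it does not end the SiteMinder session, so a cookie value captured earlier would presumably stay usable until it expires upstream. A docstring should say so, for example `"""Landing view after Keycloak logout: expire the browser's SMSESSION cookie and redirect to the site root; does not invalidate the SSO session server-side."""`. The cookie name and domain are hard-coded, so on a host outside `.gov.bc.ca` (local or test) the browser will ignore the deletion; reading both from `settings` would make that dependency explicit. The decorators at the end of the hunk belong to the next function, which is outside the hunk.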

