diff options
| author | B. Stack <bgstack15@gmail.com> | 2021-06-27 18:08:47 -0400 |
|---|---|---|
| committer | B. Stack <bgstack15@gmail.com> | 2021-06-28 11:32:49 -0400 |
| commit | 0d147ad7f6edb5c740008b8d411e10d8e42f4a78 (patch) | |
| tree | 23dc1a4d977a3be612ec3ded2a07ba11324f234d | |
| parent | add settings page for admins group (diff) | |
| download | session_app-0d147ad7f6edb5c740008b8d411e10d8e42f4a78.tar.gz session_app-0d147ad7f6edb5c740008b8d411e10d8e42f4a78.tar.bz2 session_app-0d147ad7f6edb5c740008b8d411e10d8e42f4a78.zip | |
clear session at logout
this feature is not well-documented in flask.
| -rwxr-xr-x | session_app.py | 9 | ||||
| -rw-r--r-- | templates/settings.html | 1 |
2 files changed, 4 insertions, 6 deletions
diff --git a/session_app.py b/session_app.py index 50a52fd..1743b2a 100755 --- a/session_app.py +++ b/session_app.py @@ -15,12 +15,11 @@ # _unauthorized_kerberos meta redirect from https://billstclair.com/html-redirect2.html # preserve POST with code 307 https://stackoverflow.com/a/15480983/3569534 # Improve: -# remove session info, when logging out? # Run: # FLASK_APP=session_app.py FLASK_DEBUG=1 flask run --host 0.0.0.0 # Dependencies: -# apt-get install python3-flask -# pip3 install Flask-kerberos kerberos +# apt-get install python3-flask python3-kerberos +# pip3 install Flask-kerberos from flask import Flask, Response, redirect, url_for, render_template, request, _request_ctx_stack as stack, make_response, session from flask_kerberos import init_kerberos, requires_authentication, _unauthorized, _forbidden, _gssapi_authenticate @@ -335,8 +334,8 @@ def handle_login_ldap_from_non_ldap(request): @app.route("/logout/") def logout(): resp = Response(f'<meta http-equiv="Refresh" content="1; url={url_for("index")}">logged out') - # Doing anything with session here leaves a cookie. - #session['user']="" + # not documented but is found on the Internet in a few random places: + session.clear() resp.set_cookie('user','',expires=0) resp.set_cookie('type','',expires=0) resp.set_cookie('session','',expires=0) diff --git a/templates/settings.html b/templates/settings.html index c5f6e68..884ea04 100644 --- a/templates/settings.html +++ b/templates/settings.html @@ -13,5 +13,4 @@ input { <p>Ldap URI <input style="width: 500px;" type="text" value="{{ ldap_uri }}" name="ldap_uri"</p> <p><input accesskey="s" type="submit" value="Submit"/></p> </form> -</center> </html> |