Support logging out of password-protected blogs
Closes T492
This commit is contained in:
parent
811f996e84
commit
5a3e8d59b6
|
@ -110,6 +110,8 @@ type (
|
|||
|
||||
// User-related fields
|
||||
isCollOwner bool
|
||||
|
||||
isAuthorized bool
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -553,6 +555,7 @@ type CollectionPage struct {
|
|||
IsCustomDomain bool
|
||||
IsWelcome bool
|
||||
IsOwner bool
|
||||
IsCollLoggedIn bool
|
||||
CanPin bool
|
||||
Username string
|
||||
Monetization string
|
||||
|
@ -672,9 +675,9 @@ func processCollectionPermissions(app *App, cr *collectionReq, u *User, w http.R
|
|||
}
|
||||
|
||||
// See if we've authorized this collection
|
||||
authd := isAuthorizedForCollection(app, c.Alias, r)
|
||||
cr.isAuthorized = isAuthorizedForCollection(app, c.Alias, r)
|
||||
|
||||
if !authd {
|
||||
if !cr.isAuthorized {
|
||||
p := struct {
|
||||
page.StaticPage
|
||||
*CollectionObj
|
||||
|
@ -792,6 +795,7 @@ func handleViewCollection(app *App, w http.ResponseWriter, r *http.Request) erro
|
|||
// Serve collection
|
||||
displayPage := CollectionPage{
|
||||
DisplayCollection: coll,
|
||||
IsCollLoggedIn: cr.isAuthorized,
|
||||
StaticPage: pageForReq(app, r),
|
||||
IsCustomDomain: cr.isCustomDomain,
|
||||
IsWelcome: r.FormValue("greeting") != "",
|
||||
|
@ -1158,3 +1162,43 @@ func isAuthorizedForCollection(app *App, alias string, r *http.Request) bool {
|
|||
}
|
||||
return authd
|
||||
}
|
||||
|
||||
func logOutCollection(app *App, alias string, w http.ResponseWriter, r *http.Request) error {
|
||||
session, err := app.sessionStore.Get(r, blogPassCookieName)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Remove this from map of blogs logged into
|
||||
delete(session.Values, alias)
|
||||
|
||||
// If not auth'd with any blog, delete entire cookie
|
||||
if len(session.Values) == 0 {
|
||||
session.Options.MaxAge = -1
|
||||
}
|
||||
return session.Save(r, w)
|
||||
}
|
||||
|
||||
func handleLogOutCollection(app *App, w http.ResponseWriter, r *http.Request) error {
|
||||
alias := collectionAliasFromReq(r)
|
||||
var c *Collection
|
||||
var err error
|
||||
if app.cfg.App.SingleUser {
|
||||
c, err = app.db.GetCollectionByID(1)
|
||||
} else {
|
||||
c, err = app.db.GetCollection(alias)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if !c.IsProtected() {
|
||||
// Invalid to log out of this collection
|
||||
return ErrCollectionPageNotFound
|
||||
}
|
||||
|
||||
err = logOutCollection(app, c.Alias, w, r)
|
||||
if err != nil {
|
||||
addSessionFlash(app, w, r, "Logging out failed. Try clearing cookies for this site, instead.", nil)
|
||||
}
|
||||
return impart.HTTPError{http.StatusFound, c.CanonicalURL()}
|
||||
}
|
||||
|
|
|
@ -204,6 +204,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router {
|
|||
}
|
||||
|
||||
func RouteCollections(handler *Handler, r *mux.Router) {
|
||||
r.HandleFunc("/logout", handler.Web(handleLogOutCollection, UserLevelOptional))
|
||||
r.HandleFunc("/page/{page:[0-9]+}", handler.Web(handleViewCollection, UserLevelReader))
|
||||
r.HandleFunc("/tag:{tag}", handler.Web(handleViewCollectionTag, UserLevelReader))
|
||||
r.HandleFunc("/tag:{tag}/feed/", handler.Web(ViewFeed, UserLevelReader))
|
||||
|
|
|
@ -40,27 +40,42 @@
|
|||
|
||||
</head>
|
||||
<body id="collection" itemscope itemtype="http://schema.org/WebPage">
|
||||
{{if or .IsOwner .SingleUser}}<nav id="manage"><ul>
|
||||
<li class="has-submenu"><a onclick="void(0)">☰ Menu</a>
|
||||
<ul>
|
||||
{{ if .IsOwner }}
|
||||
{{if .SingleUser}}
|
||||
<li><a href="/me/new">New Post</a></li>
|
||||
{{else}}
|
||||
<li><a href="/#{{.Alias}}" class="write">{{.SiteName}}</a></li>
|
||||
{{end}}
|
||||
{{if .SimpleNav}}<li><a href="/new#{{.Alias}}">New Post</a></li>{{end}}
|
||||
<li><a href="/me/c/{{.Alias}}">Customize</a></li>
|
||||
<li><a href="/me/c/{{.Alias}}/stats">Stats</a></li>
|
||||
<li class="separator"><hr /></li>
|
||||
{{if not .SingleUser}}<li><a href="/me/c/"><img class="ic-18dp" src="/img/ic_blogs_dark@2x.png" /> View Blogs</a></li>{{end}}
|
||||
<li><a href="/me/posts/"><img class="ic-18dp" src="/img/ic_list_dark@2x.png" /> View Drafts</a></li>
|
||||
{{ else }}
|
||||
<li><a href="/login">Log in</a></li>
|
||||
{{ end }}
|
||||
</ul>
|
||||
</li>
|
||||
</ul></nav>{{end}}
|
||||
{{if or .IsOwner .SingleUser}}
|
||||
<nav id="manage"><ul>
|
||||
<li class="has-submenu"><a onclick="void(0)">☰ Menu</a>
|
||||
<ul>
|
||||
{{ if .IsOwner }}
|
||||
{{if .SingleUser}}
|
||||
<li><a href="/me/new">New Post</a></li>
|
||||
{{else}}
|
||||
<li><a href="/#{{.Alias}}" class="write">{{.SiteName}}</a></li>
|
||||
{{end}}
|
||||
{{if .SimpleNav}}<li><a href="/new#{{.Alias}}">New Post</a></li>{{end}}
|
||||
<li><a href="/me/c/{{.Alias}}">Customize</a></li>
|
||||
<li><a href="/me/c/{{.Alias}}/stats">Stats</a></li>
|
||||
<li class="separator"><hr /></li>
|
||||
{{if not .SingleUser}}<li><a href="/me/c/"><img class="ic-18dp" src="/img/ic_blogs_dark@2x.png" /> View Blogs</a></li>{{end}}
|
||||
<li><a href="/me/posts/"><img class="ic-18dp" src="/img/ic_list_dark@2x.png" /> View Drafts</a></li>
|
||||
{{ else }}
|
||||
<li><a href="/login">Log in{{if .IsProtected}} to {{.DisplayTitle}}{{end}}</a></li>
|
||||
{{if .IsProtected}}
|
||||
<li class="separator"><hr /></li>
|
||||
<li><a href="/logout">Log out</a></li>
|
||||
{{end}}
|
||||
{{ end }}
|
||||
</ul>
|
||||
</li>
|
||||
</ul></nav>
|
||||
{{else if .IsCollLoggedIn}}
|
||||
<nav id="manage" class="shiny"><ul>
|
||||
<li class="has-submenu"><a onclick="void(0)">☰ Menu</a>
|
||||
<ul>
|
||||
<li class="menu-heading" style="padding: .5rem .75rem; box-sizing: border-box;">{{.DisplayTitle}}</li>
|
||||
<li><a href="{{.CanonicalURL}}logout">Log out</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul></nav>
|
||||
{{end}}
|
||||
|
||||
<header>
|
||||
{{if .Silenced}}
|
||||
|
|
|
@ -25,6 +25,18 @@
|
|||
|
||||
</head>
|
||||
<body id="collection" itemscope itemtype="http://schema.org/WebPage">
|
||||
{{if .SingleUser}}
|
||||
<nav id="manage">
|
||||
<ul>
|
||||
<li class="has-submenu"><a onclick="void(0)">☰ Menu</a>
|
||||
<ul>
|
||||
<li><a href="/login">Log in</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
</nav>
|
||||
{{end}}
|
||||
|
||||
<header>
|
||||
<h1 dir="{{.Direction}}" id="blog-title"><a href="/{{.Alias}}/" class="h-card p-author u-url" rel="me author">{{.DisplayTitle}}</a></h1>
|
||||
</header>
|
||||
|
|
Loading…
Reference in New Issue