diff --git a/collections.go b/collections.go
index e1ebe48..5fe5d24 100644
--- a/collections.go
+++ b/collections.go
@@ -110,6 +110,8 @@ type (
// User-related fields
isCollOwner bool
+
+ isAuthorized bool
}
)
@@ -553,6 +555,7 @@ type CollectionPage struct {
IsCustomDomain bool
IsWelcome bool
IsOwner bool
+ IsCollLoggedIn bool
CanPin bool
Username string
Monetization string
@@ -672,9 +675,9 @@ func processCollectionPermissions(app *App, cr *collectionReq, u *User, w http.R
}
// See if we've authorized this collection
- authd := isAuthorizedForCollection(app, c.Alias, r)
+ cr.isAuthorized = isAuthorizedForCollection(app, c.Alias, r)
- if !authd {
+ if !cr.isAuthorized {
p := struct {
page.StaticPage
*CollectionObj
@@ -792,6 +795,7 @@ func handleViewCollection(app *App, w http.ResponseWriter, r *http.Request) erro
// Serve collection
displayPage := CollectionPage{
DisplayCollection: coll,
+ IsCollLoggedIn: cr.isAuthorized,
StaticPage: pageForReq(app, r),
IsCustomDomain: cr.isCustomDomain,
IsWelcome: r.FormValue("greeting") != "",
@@ -1158,3 +1162,43 @@ func isAuthorizedForCollection(app *App, alias string, r *http.Request) bool {
}
return authd
}
+
+func logOutCollection(app *App, alias string, w http.ResponseWriter, r *http.Request) error {
+ session, err := app.sessionStore.Get(r, blogPassCookieName)
+ if err != nil {
+ return err
+ }
+
+ // Remove this from map of blogs logged into
+ delete(session.Values, alias)
+
+ // If not auth'd with any blog, delete entire cookie
+ if len(session.Values) == 0 {
+ session.Options.MaxAge = -1
+ }
+ return session.Save(r, w)
+}
+
+func handleLogOutCollection(app *App, w http.ResponseWriter, r *http.Request) error {
+ alias := collectionAliasFromReq(r)
+ var c *Collection
+ var err error
+ if app.cfg.App.SingleUser {
+ c, err = app.db.GetCollectionByID(1)
+ } else {
+ c, err = app.db.GetCollection(alias)
+ }
+ if err != nil {
+ return err
+ }
+ if !c.IsProtected() {
+ // Invalid to log out of this collection
+ return ErrCollectionPageNotFound
+ }
+
+ err = logOutCollection(app, c.Alias, w, r)
+ if err != nil {
+ addSessionFlash(app, w, r, "Logging out failed. Try clearing cookies for this site, instead.", nil)
+ }
+ return impart.HTTPError{http.StatusFound, c.CanonicalURL()}
+}
diff --git a/routes.go b/routes.go
index bb1785f..5530552 100644
--- a/routes.go
+++ b/routes.go
@@ -204,6 +204,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router {
}
func RouteCollections(handler *Handler, r *mux.Router) {
+ r.HandleFunc("/logout", handler.Web(handleLogOutCollection, UserLevelOptional))
r.HandleFunc("/page/{page:[0-9]+}", handler.Web(handleViewCollection, UserLevelReader))
r.HandleFunc("/tag:{tag}", handler.Web(handleViewCollectionTag, UserLevelReader))
r.HandleFunc("/tag:{tag}/feed/", handler.Web(ViewFeed, UserLevelReader))
diff --git a/templates/collection.tmpl b/templates/collection.tmpl
index 42664e7..493e6b7 100644
--- a/templates/collection.tmpl
+++ b/templates/collection.tmpl
@@ -40,27 +40,42 @@
- {{if or .IsOwner .SingleUser}}{{end}}
+ {{if or .IsOwner .SingleUser}}
+
+ {{else if .IsCollLoggedIn}}
+
+ {{end}}
{{if .Silenced}}
diff --git a/templates/password-collection.tmpl b/templates/password-collection.tmpl
index e0b755d..c1c9083 100644
--- a/templates/password-collection.tmpl
+++ b/templates/password-collection.tmpl
@@ -25,6 +25,18 @@
+ {{if .SingleUser}}
+
+ {{end}}
+