mirror of https://tt-rss.org/git/tt-rss.git
* add HOOK_POST_LOGOUT
* auth_remote: add config option AUTH_REMOTE_POST_LOGOUT_URL
This commit is contained in:
Andrew Dolgov
parent
57b0413a3a
commit
53061d1508
|
|
@ -296,8 +296,25 @@ class Handler_Public extends Handler {
|
|||
|
||||
function logout(): void {
|
||||
if (validate_csrf($_POST["csrf_token"])) {
|
||||
|
||||
$login = $_SESSION["name"];
|
||||
$user_id = $_SESSION["uid"];
|
||||
|
||||
UserHelper::logout();
|
||||
header("Location: index.php");
|
||||
|
||||
$redirect_url = "";
|
||||
|
||||
PluginHost::getInstance()->run_hooks_callback(PluginHost::HOOK_POST_LOGOUT,
|
||||
function ($result) use (&$redirect_url) {
|
||||
if (!empty($result[0]))
|
||||
$redirect_url = UrlHelper::validate($result[0]);
|
||||
},
|
||||
$login, $user_id);
|
||||
|
||||
if (!$redirect_url)
|
||||
$redirect_url = get_self_url_prefix() . "/index.php";
|
||||
|
||||
header("Location: " . $redirect_url);
|
||||
} else {
|
||||
header("Content-Type: text/json");
|
||||
print Errors::to_json(Errors::E_UNAUTHORIZED);
|
||||
|
|
|
|||
|
|
@ -670,4 +670,13 @@ abstract class Plugin {
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
/** Invoked after user logout, may override built-in behavior (redirect back to login page)
|
||||
* @param string $login
|
||||
* @param int $user_id
|
||||
* @return array<mixed> - [0] - if set, url to redirect to
|
||||
*/
|
||||
function hook_post_logout($login, $user_id) {
|
||||
return [""];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -195,6 +195,9 @@ class PluginHost {
|
|||
/** @see Plugin::hook_pre_subscribe() */
|
||||
const HOOK_PRE_SUBSCRIBE = "hook_pre_subscribe";
|
||||
|
||||
/** @see Plugin::hook_post_logout() */
|
||||
const HOOK_POST_LOGOUT = "hook_post_logout";
|
||||
|
||||
const KIND_ALL = 1;
|
||||
const KIND_SYSTEM = 2;
|
||||
const KIND_USER = 3;
|
||||
|
|
|
|||
|
|
@ -1,15 +1,26 @@
|
|||
<?php
|
||||
class Auth_Remote extends Auth_Base {
|
||||
|
||||
/** redirect user to this URL after logout; .env:
|
||||
* TTRSS_AUTH_REMOTE_POST_LOGOUT_URL=http://127.0.0.1/logout-redirect
|
||||
*/
|
||||
const AUTH_REMOTE_POST_LOGOUT_URL = "AUTH_REMOTE_POST_LOGOUT_URL";
|
||||
|
||||
function about() {
|
||||
return array(null,
|
||||
"Authenticates against remote password (e.g. supplied by Apache)",
|
||||
"Authenticates against external passwords (HTTP Authentication, SSL certificates)",
|
||||
"fox",
|
||||
true);
|
||||
}
|
||||
|
||||
function init($host) {
|
||||
$host->add_hook($host::HOOK_AUTH_USER, $this);
|
||||
|
||||
Config::add(self::AUTH_REMOTE_POST_LOGOUT_URL, "", Config::T_STRING);
|
||||
|
||||
if (Config::get(self::AUTH_REMOTE_POST_LOGOUT_URL) != "") {
|
||||
$host->add_hook($host::HOOK_POST_LOGOUT, $this);
|
||||
}
|
||||
}
|
||||
|
||||
function get_login_by_ssl_certificate() : string {
|
||||
|
|
@ -73,6 +84,12 @@ class Auth_Remote extends Auth_Base {
|
|||
return false;
|
||||
}
|
||||
|
||||
function hook_post_logout($login, $user_id) {
|
||||
return [
|
||||
Config::get(self::AUTH_REMOTE_POST_LOGOUT_URL)
|
||||
];
|
||||
}
|
||||
|
||||
function api_version() {
|
||||
return 2;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue