* add HOOK_POST_LOGOUT

* auth_remote: add config option AUTH_REMOTE_POST_LOGOUT_URL
This commit is contained in:
Andrew Dolgov 2021-12-06 13:20:18 +03:00
parent 57b0413a3a
commit 53061d1508
4 changed files with 48 additions and 2 deletions

View File

@ -296,8 +296,25 @@ class Handler_Public extends Handler {
function logout(): void { function logout(): void {
if (validate_csrf($_POST["csrf_token"])) { if (validate_csrf($_POST["csrf_token"])) {
$login = $_SESSION["name"];
$user_id = $_SESSION["uid"];
UserHelper::logout(); UserHelper::logout();
header("Location: index.php");
$redirect_url = "";
PluginHost::getInstance()->run_hooks_callback(PluginHost::HOOK_POST_LOGOUT,
function ($result) use (&$redirect_url) {
if (!empty($result[0]))
$redirect_url = UrlHelper::validate($result[0]);
},
$login, $user_id);
if (!$redirect_url)
$redirect_url = get_self_url_prefix() . "/index.php";
header("Location: " . $redirect_url);
} else { } else {
header("Content-Type: text/json"); header("Content-Type: text/json");
print Errors::to_json(Errors::E_UNAUTHORIZED); print Errors::to_json(Errors::E_UNAUTHORIZED);

View File

@ -670,4 +670,13 @@ abstract class Plugin {
return false; return false;
} }
/** Invoked after user logout, may override built-in behavior (redirect back to login page)
* @param string $login
* @param int $user_id
* @return array<mixed> - [0] - if set, url to redirect to
*/
function hook_post_logout($login, $user_id) {
return [""];
}
} }

View File

@ -195,6 +195,9 @@ class PluginHost {
/** @see Plugin::hook_pre_subscribe() */ /** @see Plugin::hook_pre_subscribe() */
const HOOK_PRE_SUBSCRIBE = "hook_pre_subscribe"; const HOOK_PRE_SUBSCRIBE = "hook_pre_subscribe";
/** @see Plugin::hook_post_logout() */
const HOOK_POST_LOGOUT = "hook_post_logout";
const KIND_ALL = 1; const KIND_ALL = 1;
const KIND_SYSTEM = 2; const KIND_SYSTEM = 2;
const KIND_USER = 3; const KIND_USER = 3;

View File

@ -1,15 +1,26 @@
<?php <?php
class Auth_Remote extends Auth_Base { class Auth_Remote extends Auth_Base {
/** redirect user to this URL after logout; .env:
* TTRSS_AUTH_REMOTE_POST_LOGOUT_URL=http://127.0.0.1/logout-redirect
*/
const AUTH_REMOTE_POST_LOGOUT_URL = "AUTH_REMOTE_POST_LOGOUT_URL";
function about() { function about() {
return array(null, return array(null,
"Authenticates against remote password (e.g. supplied by Apache)", "Authenticates against external passwords (HTTP Authentication, SSL certificates)",
"fox", "fox",
true); true);
} }
function init($host) { function init($host) {
$host->add_hook($host::HOOK_AUTH_USER, $this); $host->add_hook($host::HOOK_AUTH_USER, $this);
Config::add(self::AUTH_REMOTE_POST_LOGOUT_URL, "", Config::T_STRING);
if (Config::get(self::AUTH_REMOTE_POST_LOGOUT_URL) != "") {
$host->add_hook($host::HOOK_POST_LOGOUT, $this);
}
} }
function get_login_by_ssl_certificate() : string { function get_login_by_ssl_certificate() : string {
@ -73,6 +84,12 @@ class Auth_Remote extends Auth_Base {
return false; return false;
} }
function hook_post_logout($login, $user_id) {
return [
Config::get(self::AUTH_REMOTE_POST_LOGOUT_URL)
];
}
function api_version() { function api_version() {
return 2; return 2;
} }