Item11904: Split out logout code from LoginManager

I am updating a client-built LoginManager subclass, based on ApacheLogin. It needs to perform some actions on logout: clear cookie, go to a specific address to log off completely. Currently there is a long subroutine "loadSession" in LoginManager. Instead of copying it and changing a couple of lines, I think it is better to let LoginManager.pm have a _logout routine and override this.

So this code would get repositioned (line 433-460 in release branche):

_trace( $this, "User is logging out" );
$session->logEvent( 'logout', ' ',
    "AUTHENTICATION LOGOUT - $authUser - " );

#TODO: consider if we should risk passing on the urlparams on logout
my $path_info = $session->{request}->path_info();
if ( my $topic = $session->{request}->param('topic') )
{    #we should at least respect the ?topic= request
    my $topicRequest = Foswiki::Sandbox::untaintUnchecked(
        $session->{request}->param('topic') );
    my ( $web, $topic ) =
      $this->{session}
      ->normalizeWebTopicName( undef, $topicRequest );
    $path_info = '/' . $web . '/' . $topic;
}

my $redirectUrl;
if ($path_info) {
    $redirectUrl = $session->{request}->url() . $path_info;
}
else {
    $redirectUrl = $session->{request}->referer();
}

#lets avoid infinite loops
$session->{request}->delete('logout');
$authUser = $defaultUser;
$session->redirect( $redirectUrl, 0 );

-- ArthurClemens - 29 May 2012

By convention the subroutines starting with an underscore are meant for local use only. So requiring to override an underscore method is a bit odd. Naming it differently would help.

-- MichaelDaum - 30 May 2012

I agree. It is now redirectToLoggedOutUrl.

-- ArthurClemens - 30 May 2012

Commenting is disabled while not logged in