# HG changeset patch
# User Sylvain Thénault <sylvain.thenault@logilab.fr>
# Date 1317729537 -7200
# Node ID faec7589f7427acdddcf9a877fbc0810a4339c4a
# Parent  32ad1c29e4774d0d793c0f6fe41bf4f45c2ce870
[web auth] closes #1981680: authentication info retriever should be given a chance to cleanup data

diff -r 32ad1c29e477 -r faec7589f742 web/views/authentication.py
--- a/web/views/authentication.py	Tue Oct 04 10:29:56 2011 +0200
+++ b/web/views/authentication.py	Tue Oct 04 13:58:57 2011 +0200
@@ -65,6 +65,14 @@
         """
         raise NotImplementedError()
 
+    def cleanup_authentication_information(self, req):
+        """called when the retriever has returned some authentication
+        information but we get an authentication error when using them, so it
+        get a chance to cleanup things (e.g. remove cookie)
+        """
+        pass
+
+
 class LoginPasswordRetreiver(WebAuthInfoRetreiver):
     __regid__ = 'loginpwdauth'
     order = 10
@@ -144,6 +152,7 @@
             try:
                 cnx = self._authenticate(login, authinfo)
             except AuthenticationError:
+                retriever.cleanup_authentication_information(req)
                 continue # the next one may succeed
             for retriever_ in self.authinforetrievers:
                 retriever_.authenticated(retriever, req, cnx, login, authinfo)