--- a/_exceptions.py Tue Mar 16 12:34:29 2010 +0100
+++ b/_exceptions.py Tue Mar 16 12:40:59 2010 +0100
@@ -49,7 +49,11 @@
class AuthenticationError(ConnectionError):
"""raised when a bad connection id is given or when an attempt to establish
- a connection failed"""
+ a connection failed
+ """
+ def __init__(self, *args, **kwargs):
+ super(AuthenticationError, self).__init__(*args)
+ self.__dict__.update(kwargs)
class BadConnectionId(ConnectionError):
"""raised when a bad connection id is given or when an attempt to establish
--- a/etwist/server.py Tue Mar 16 12:34:29 2010 +0100
+++ b/etwist/server.py Tue Mar 16 12:40:59 2010 +0100
@@ -246,21 +246,12 @@
headers=req.headers_out or None)
except ExplicitLogin: # must be before AuthenticationError
return self.request_auth(req)
- except AuthenticationError:
- if self.config['auth-mode'] == 'cookie':
- # in cookie mode redirecting to the index view is enough :
- # either anonymous connection is allowed and the page will
- # be displayed or we'll be redirected to the login form
- msg = req._('you have been logged out')
- if req.https:
- req._base_url = self.base_url
- req.https = False
- url = req.build_url('view', vid='index', __message=msg)
- return self.redirect(req, url)
- else:
- # in http we have to request auth to flush current http auth
- # information
- return self.request_auth(req, loggedout=True)
+ except AuthenticationError, ex:
+ if self.config['auth-mode'] == 'cookie' and getattr(ex, 'url', None):
+ return self.redirect(req, ex.url)
+ # in http we have to request auth to flush current http auth
+ # information
+ return self.request_auth(req, loggedout=True)
except Redirect, ex:
return self.redirect(req, ex.location)
# request may be referenced by "onetime callback", so clear its entity
--- a/web/application.py Tue Mar 16 12:34:29 2010 +0100
+++ b/web/application.py Tue Mar 16 12:40:59 2010 +0100
@@ -217,13 +217,13 @@
path = 'view'
raise Redirect(req.build_url(path, **args))
- def logout(self, req):
+ def logout(self, req, goto_url):
"""logout from the instance by cleaning the session and raising
`AuthenticationError`
"""
self.session_manager.close_session(req.cnx)
req.remove_cookie(req.get_cookie(), self.SESSION_VAR)
- raise AuthenticationError()
+ raise AuthenticationError(url=goto_url)
class CubicWebPublisher(object):
--- a/web/views/basecontrollers.py Tue Mar 16 12:34:29 2010 +0100
+++ b/web/views/basecontrollers.py Tue Mar 16 12:40:59 2010 +0100
@@ -17,7 +17,8 @@
from logilab.common.decorators import cached
from logilab.common.date import strptime
-from cubicweb import NoSelectableObject, ValidationError, ObjectNotFound, typed_eid
+from cubicweb import (NoSelectableObject, ValidationError, ObjectNotFound,
+ typed_eid)
from cubicweb.utils import CubicWebJsonEncoder
from cubicweb.selectors import yes, match_user_groups
from cubicweb.mail import format_mail
@@ -82,8 +83,19 @@
def publish(self, rset=None):
"""logout from the instance"""
- return self.appli.session_handler.logout(self._cw)
+ return self.appli.session_handler.logout(self._cw, self.goto_url())
+ def goto_url(self):
+ # * in http auth mode, url will be ignored
+ # * in cookie mode redirecting to the index view is enough : either
+ # anonymous connection is allowed and the page will be displayed or
+ # we'll be redirected to the login form
+ msg = self._cw._('you have been logged out')
+ if self._cw.https:
+ # XXX hack to generate an url on the http version of the site
+ self._cw._base_url = self._cw.vreg.config['base-url']
+ self._cw.https = False
+ return self._cw.build_url('view', vid='index', __message=msg)
class ViewController(Controller):
"""standard entry point :