diff options
author | Aleš Smodiš <aless@guru.si> | 2015-10-15 18:46:54 +0200 |
---|---|---|
committer | Aleš Smodiš <aless@guru.si> | 2015-10-15 18:46:54 +0200 |
commit | 4a781b21db10f82e35b9945109b5f4d41ad0e8c3 (patch) | |
tree | 3907cb657aeb9bf4ba27dcc630935329bac1a5b6 /server/user_session.py | |
parent | de2ea4c96a007cd1c6545f0b4a063d3392a1a0d3 (diff) |
Server-side support for SAML logout, sessions are destroyed only using an AJAX call.
Diffstat (limited to 'server/user_session.py')
-rw-r--r-- | server/user_session.py | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/server/user_session.py b/server/user_session.py index 739da9a..dbf886c 100644 --- a/server/user_session.py +++ b/server/user_session.py @@ -154,6 +154,21 @@ class UserSession(object): pass db.return_connection(conn) + def logout(self): + """Logs out the session, rendering it anonymous.""" + with self._access_lock: + lang_session = self._lang_session + self._lang_session = None + uid = self.uid + sid = self.sid + username = self.username + self.uid = None + self.username = None + self.settings = {} + if lang_session is not None: # do not handle the language session holding the lock: we may deadlock if the callee calls the caller + lang_session.destroy() + logging.debug('User session logged out: username={0}, uid={1}, sid={2}'.format(username, uid, sid)) + def destroy(self): """Destroys the session.""" with module_access_lock: |