From 4a781b21db10f82e35b9945109b5f4d41ad0e8c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Smodi=C5=A1?=
Date: Thu, 15 Oct 2015 18:46:54 +0200
Subject: Server-side support for SAML logout, sessions are destroyed only using an AJAX call.
---
 server/user_session.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
(limited to 'server/user_session.py')
diff --git a/server/user_session.py b/server/user_session.py
index 739da9a..dbf886c 100644
--- a/server/user_session.py
+++ b/server/user_session.py
@@ -154,6 +154,21 @@ class UserSession(object):
 pass
 db.return_connection(conn)
+ def logout(self):
+ """Logs out the session, rendering it anonymous."""
+ with self._access_lock:
+ lang_session = self._lang_session
+ self._lang_session = None
+ uid = self.uid
+ sid = self.sid
+ username = self.username
+ self.uid = None
+ self.username = None
+ self.settings = {}
+ if lang_session is not None: # do not handle the language session holding the lock: we may deadlock if the callee calls the caller
+ lang_session.destroy()
+ logging.debug('User session logged out: username={0}, uid={1}, sid={2}'.format(username, uid, sid))
+
 def destroy(self):
 """Destroys the session."""
 with module_access_lock:
-- cgit v1.2.1
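Review bot: `logout()` leaves `self.sid` in place and then writes it to the debug log in the final `logging.debug(...)` call, so an identifier that still names a live, now-anonymous session lands in log files where anyone with log access can read it. I would drop it from the message, e.g. `logging.debug('User session logged out: username={0}, uid={1}'.format(username, uid))`, or log only a non-reversible reference to it. Because the same sid survives the logout, it is also worth confirming that the login path (not visible in this hunk) issues a fresh sid when this session is authenticated again; otherwise a sid learned around the time of logout would carry over into the next login. A short comment in `logout()` stating that the sid is kept deliberately, so the client can still destroy the session through the AJAX call, would help the next reader.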