[Rt-commit] rt branch 5.0/login-logout-adjustments created. rt-5.0.3-226-g0f3f66caa6
BPS Git Server
git at git.bestpractical.com
Fri Jan 6 20:45:59 UTC 2023
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt".
The branch, 5.0/login-logout-adjustments has been created
at 0f3f66caa62811c4aaba369bc41b735faf5a49ac (commit)
- Log -----------------------------------------------------------------
commit 0f3f66caa62811c4aaba369bc41b735faf5a49ac
Author: Ronaldo Richieri <ronaldo at bestpractical.com>
Date: Fri Jan 6 17:43:05 2023 -0300
Update basic_auth.t test since logout will be always available
diff --git a/t/web/basic_auth.t b/t/web/basic_auth.t
index ff77f29f26..2eea552fec 100644
--- a/t/web/basic_auth.t
+++ b/t/web/basic_auth.t
@@ -23,7 +23,7 @@ $m->content_like(
qr{<span class="current-user">\Qroot\E</span>}i,
"Has user on the page"
);
-$m->content_unlike(qr/Logout/i, "Has no logout button, no WebFallbackToRTLogin");
+$m->content_like(qr/Logout/i, "Has logout button");
# Again, testing the plack middleware
$m->get($url);
commit f6af4dda2e7689924fce1f64eb2a6eeaf8a4caac
Author: Ronaldo Richieri <ronaldo at bestpractical.com>
Date: Fri Jan 6 17:20:51 2023 -0300
Add REMOTE ADDRESS to the debug of auth web remote log in
diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index 7de6dcf3fc..d8e66866cd 100644
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -806,7 +806,8 @@ sub AttemptExternalAuth {
}
if ( _UserLoggedIn() ) {
- RT->Logger->info("Session created from REMOTE_USER for user $user");
+ my $remote_addr = RequestENV('REMOTE_ADDR');
+ RT->Logger->info("Successful login for $user from $remote_addr");
$HTML::Mason::Commands::session{'WebExternallyAuthed'} = 1;
$m->callback( %$ARGS, CallbackName => 'ExternalAuthSuccessfulLogin', CallbackPage => '/autohandler' );
# It is possible that we did a redirect to the login page,
commit 225bde823c56324571708e864b21c47f330ba2a2
Author: Ronaldo Richieri <ronaldo at bestpractical.com>
Date: Fri Jan 6 17:18:39 2023 -0300
Move LogoutURL logic from MenuBuilder.pm to Logout.html
We will not hide the logout option anymore so there is no need to have
logic in MenuBuilder for hidding it.
In Logout.html we will check if the user is logged from Remote User
Auth and also if LogoutURL is set in the config file.
diff --git a/lib/RT/Interface/Web/MenuBuilder.pm b/lib/RT/Interface/Web/MenuBuilder.pm
index b6260023a8..d7f395d963 100644
--- a/lib/RT/Interface/Web/MenuBuilder.pm
+++ b/lib/RT/Interface/Web/MenuBuilder.pm
@@ -339,8 +339,7 @@ sub BuildMainNav {
}
}
if ( $current_user->Name ) {
- _BuildLogoutMenu( $about_me );
- }
+ $about_me->child( logout => title => loc('Logout'), path => '/NoAuth/Logout.html' ); }
if ( $request_path =~ m{^/Dashboards/(\d+)?}) {
if ( my $id = ( $1 || $HTML::Mason::Commands::DECODED_ARGS->{'id'} ) ) {
my $obj = RT::Dashboard->new( $current_user );
@@ -1621,18 +1620,6 @@ sub _BuildAdminMenu {
}
}
-sub _BuildLogoutMenu {
- my $about_me = shift;
-
- my $logout_url = RT->Config->Get('LogoutURL') || '/NoAuth/Logout.html';
- # If user is not externally authenticated, show the logout link
- # otherwise, show the logout link if LogoutURL is set to something other than the default
- if ( !$HTML::Mason::Commands::session{'WebExternallyAuthed'} || $logout_url ne '/NoAuth/Logout.html' )
- {
- $about_me->child( logout => title => loc('Logout'), path => '/NoAuth/Logout.html' );
- }
-}
-
sub BuildSelfServiceNav {
my $request_path = shift;
my $top = shift;
@@ -1704,7 +1691,7 @@ sub BuildSelfServiceNav {
}
if ( $current_user->Name ) {
- _BuildLogoutMenu($about_me);
+ $about_me->child( logout => title => loc('Logout'), path => '/NoAuth/Logout.html' );
}
if ( RT->Config->Get('SelfServiceShowArticleSearch') ) {
diff --git a/share/html/NoAuth/Logout.html b/share/html/NoAuth/Logout.html
index f6bd25ea3b..b195759e22 100644
--- a/share/html/NoAuth/Logout.html
+++ b/share/html/NoAuth/Logout.html
@@ -77,25 +77,40 @@ $m->callback( %ARGS, CallbackName => 'ModifyLoginRedirect', URL => \$URL );
$m->callback( %ARGS, CallbackName => 'BeforeSessionDelete' );
-my $username;
-if (keys %session) {
- $username = $session{'CurrentUser'}->Name;
-
- # If WebRemoteUserAuth and LogoutURL are set, redirect to the LogoutURL set on Config
- if (
- $session{'WebExternallyAuthed'}
- && RT->Config->Get('LogoutURL')
- ) {
- $URL = RT->Config->Get('LogoutURL');
+if (keys %session && $session{'CurrentUser'}->Name) {
+ my $username = $session{'CurrentUser'}->Name;
+ my $remote_addr = ( RT::Interface::Web::RequestENV('REMOTE_ADDR')
+ || 'UNKNOWN');
+ my $logout_message = "Successful logout for $username from $remote_addr";
+ my $loglevel = 'info';
+ $URL = RT->Config->Get('LogoutURL');
+ if ($session{'WebExternallyAuthed'}){
+ if ($URL
+ && $URL ne '/NoAuth/Logout.html'
+ ) {
+ $logout_message =
+ "Successfully cleared session for ".
+ $username . " for logout request from ".
+ $remote_addr;
+ } else {
+ $loglevel = 'warn';
+ $logout_message =
+ "Successfully cleared session for ".
+ $username . " for logout request from ".
+ $remote_addr .
+ " but LogoutURL Config is undefined or invalid";
+ }
}
# Clear the session
RT::Interface::Web::InstantiateNewSession();
$session{'CurrentUser'} = RT::CurrentUser->new;
+
+ RT->Logger->$loglevel($logout_message);
}
$m->callback( %ARGS, CallbackName => 'AfterSessionDelete' );
+
$m->notes->{RefreshURL} = $URL;
-RT->Logger->info("User $username logged out. Redirecting to $URL") if $username;
</%INIT>
-----------------------------------------------------------------------
hooks/post-receive
--
rt
More information about the rt-commit
mailing list