diff options
| author | John Olheiser <john.olheiser@gmail.com> | 2020-03-03 05:50:31 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-03-03 05:50:31 +0100 |
| commit | 0e2217bd2d8833f0bff84767f676fc93c84d4b9a (patch) | |
| tree | 1c3761814e57b37cb313a9e475719d76e9dbe02f | |
| parent | nextcloud oauth (#10562) (diff) | |
| download | forgejo-0e2217bd2d8833f0bff84767f676fc93c84d4b9a.tar.xz forgejo-0e2217bd2d8833f0bff84767f676fc93c84d4b9a.zip | |
Logout POST action (#10582)
* Change logout to POST
* Update for redirect
Signed-off-by: jolheiser <john.olheiser@gmail.com>
| -rw-r--r-- | integrations/signout_test.go | 2 | ||||
| -rw-r--r-- | routers/routes/routes.go | 2 | ||||
| -rw-r--r-- | templates/base/head_navbar.tmpl | 2 | ||||
| -rw-r--r-- | web_src/js/index.js | 3 |
4 files changed, 6 insertions, 3 deletions
diff --git a/integrations/signout_test.go b/integrations/signout_test.go index 65957b244e..c31c913070 100644 --- a/integrations/signout_test.go +++ b/integrations/signout_test.go @@ -14,7 +14,7 @@ func TestSignOut(t *testing.T) { session := loginUser(t, "user2") - req := NewRequest(t, "GET", "/user/logout") + req := NewRequest(t, "POST", "/user/logout") session.MakeRequest(t, req, http.StatusFound) // try to view a private repo, should fail diff --git a/routers/routes/routes.go b/routers/routes/routes.go index a8a08c9eca..0b0b4e05a3 100644 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -413,7 +413,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Post("/recover_account", user.ResetPasswdPost) m.Get("/forgot_password", user.ForgotPasswd) m.Post("/forgot_password", user.ForgotPasswdPost) - m.Get("/logout", user.SignOut) + m.Post("/logout", user.SignOut) }) // ***** END: User ***** diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl index 51a021d0e5..de02bca1f7 100644 --- a/templates/base/head_navbar.tmpl +++ b/templates/base/head_navbar.tmpl @@ -115,7 +115,7 @@ {{end}} <div class="divider"></div> - <a class="item" href="{{AppSubUrl}}/user/logout"> + <a class="item link-action" href data-url="{{AppSubUrl}}/user/logout" data-redirect="{{AppSubUrl}}/"> {{svg "octicon-sign-out" 16}} {{.i18n.Tr "sign_out"}}<!-- Sign Out --> </a> diff --git a/web_src/js/index.js b/web_src/js/index.js index b2eec525d3..570d392877 100644 --- a/web_src/js/index.js +++ b/web_src/js/index.js @@ -2741,11 +2741,14 @@ function showAddAllPopup() { function linkAction() { const $this = $(this); + const redirect = $this.data('redirect'); $.post($this.data('url'), { _csrf: csrf }).done((data) => { if (data.redirect) { window.location.href = data.redirect; + } else if (redirect) { + window.location.href = redirect; } else { window.location.reload(); } |