Mercurial > openid
diff src/ur/openidUser.ur @ 48:3f475c6fb168
Make logout clear the session on the server
(which necessitates turning it from a link into a button)
| author | Robin Green <greenrd@greenrd.org> |
|---|---|
| date | Mon, 04 Jul 2011 14:08:00 +0100 |
| parents | f6b3fbf10dac |
| children | 9c83592de908 |
line wrap: on
line diff
--- a/src/ur/openidUser.ur Sun Jul 03 14:09:03 2011 -0400 +++ b/src/ur/openidUser.ur Mon Jul 04 14:08:00 2011 +0100 @@ -9,7 +9,7 @@ signature CTLDISPLAY = sig val formatUser : xbody -> xbody - val formatLogout : url -> xbody + val formatLogout : ($([]) -> transaction page) -> xbody val formatSignup : url -> xbody val formatLogon : ({User : string} -> transaction page) -> xbody end @@ -18,8 +18,10 @@ fun formatUser user = <xml>You are logged in as {user}.</xml> - fun formatLogout url = - <xml><a href={url}>Log Out</a></xml> + fun formatLogout handler = + <xml> + <form><submit value="Logout" action={handler}/></form> + </xml> fun formatSignup url = <xml><a href={url}>Sign Up</a></xml> @@ -114,7 +116,14 @@ fun main wrap = let fun logout () = + login <- getCookie auth; clearCookie auth; + (case login of + Some (LoggedIn login) => + dml (DELETE FROM session + WHERE Id = {[login.Session]} + AND Key = {[login.Key]}) + | _ => return ()); redirect M.afterLogout fun signupDetails after = @@ -324,10 +333,10 @@ case cur of Some cur => return {Status = (M.CtlDisplay.formatUser <xml>{[cur]}</xml>), - Other = {Url = (url (logout ())), - Xml = (M.CtlDisplay.formatLogout (url (logout ())))}} + Other = {Url = None, + Xml = (M.CtlDisplay.formatLogout logout)}} | None => return {Status = (M.CtlDisplay.formatLogon (logon (show here))), - Other = {Url = (url (signup (show here))), + Other = {Url = Some (url (signup (show here))), Xml = (M.CtlDisplay.formatSignup (url (signup (show here))))}} end