--- a/src/ur/openidUser.ur	Tue Jul 19 11:03:29 2011 -0430
+++ b/src/ur/openidUser.ur	Sun Jul 24 13:03:11 2011 -0430
@@ -9,7 +9,7 @@
 
 signature CTLDISPLAY = sig
     val formatUser : xbody -> xbody
-    val formatLogout : url -> xbody
+    val formatLogout : ($([]) -> transaction page) -> xbody
     val formatSignup : url -> xbody
     val formatLogon : ({User : string} -> transaction page) -> xbody
 end
@@ -18,8 +18,10 @@
     fun formatUser user =
         <xml>You are logged in as {user}.</xml>
 
-    fun formatLogout url =
-        <xml><a href={url}>Log Out</a></xml>
+    fun formatLogout handler =
+        <xml>
+	  <form><submit value="Logout" action={handler}/></form>
+	</xml>
 
     fun formatSignup url =
         <xml><a href={url}>Sign Up</a></xml>
@@ -90,7 +92,7 @@
             else
                 currentUrl
 
-    val current =
+    fun current' tweakSession =
         login <- getCookie auth;
         case login of
             Some (LoggedIn login) =>
@@ -107,18 +109,34 @@
                                     WHERE identity.User = {[login.User]}
                                       AND identity.Identifier = {[ident]});
                  if valid then
+                     tweakSession login.Session;
                      return (Some login.User)
                  else
                      error <xml>Session not authorized to act as user</xml>)
           | _ => return None
 
+    val current = current' (fn _ => return ())
+
+    val renew = current' (fn id =>
+                             now <- now;
+                             dml (UPDATE session
+                                  SET Expires = {[addSeconds now M.sessionLifetime]}
+                                  WHERE Id = {[id]}))
+
     fun validUser s = String.length s > 0 && String.length s < 20
                       && String.all Char.isAlnum s
 
     fun main wrap =
         let
             fun logout () =
+		login <- getCookie auth;
                 clearCookie auth;
+		(case login of
+		    Some (LoggedIn login) =>
+		    dml (DELETE FROM session
+                         WHERE Id = {[login.Session]}
+                           AND Key = {[login.Key]})
+		  | _ => return ());
                 redirect M.afterLogout
 
             fun newSession identO =
@@ -337,10 +355,10 @@
 
             case cur of
                 Some cur => return {Status = (M.CtlDisplay.formatUser <xml>{[cur]}</xml>),
-                                    Other = {Url = (url (logout ())), 
-                                             Xml = (M.CtlDisplay.formatLogout (url (logout ())))}}
+                                    Other = {Url = None,
+                                             Xml = (M.CtlDisplay.formatLogout logout)}}
               | None => return {Status = (M.CtlDisplay.formatLogon (logon (show here))),
-                                Other = {Url = (url (signup (show here))),
+                                Other = {Url = Some (url (signup (show here))),
                                          Xml = (M.CtlDisplay.formatSignup (url (signup (show here))))}}
         end