Mercurial > openid
changeset 48:3f475c6fb168
Make logout clear the session on the server
(which necessitates turning it from a link into a button)
author | Robin Green <greenrd@greenrd.org> |
---|---|
date | Mon, 04 Jul 2011 14:08:00 +0100 |
parents | f8c9e1e4d337 |
children | 9c83592de908 |
files | src/ur/openidUser.ur src/ur/openidUser.urs |
diffstat | 2 files changed, 21 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/src/ur/openidUser.ur Sun Jul 03 14:09:03 2011 -0400 +++ b/src/ur/openidUser.ur Mon Jul 04 14:08:00 2011 +0100 @@ -9,7 +9,7 @@ signature CTLDISPLAY = sig val formatUser : xbody -> xbody - val formatLogout : url -> xbody + val formatLogout : ($([]) -> transaction page) -> xbody val formatSignup : url -> xbody val formatLogon : ({User : string} -> transaction page) -> xbody end @@ -18,8 +18,10 @@ fun formatUser user = <xml>You are logged in as {user}.</xml> - fun formatLogout url = - <xml><a href={url}>Log Out</a></xml> + fun formatLogout handler = + <xml> + <form><submit value="Logout" action={handler}/></form> + </xml> fun formatSignup url = <xml><a href={url}>Sign Up</a></xml> @@ -114,7 +116,14 @@ fun main wrap = let fun logout () = + login <- getCookie auth; clearCookie auth; + (case login of + Some (LoggedIn login) => + dml (DELETE FROM session + WHERE Id = {[login.Session]} + AND Key = {[login.Key]}) + | _ => return ()); redirect M.afterLogout fun signupDetails after = @@ -324,10 +333,10 @@ case cur of Some cur => return {Status = (M.CtlDisplay.formatUser <xml>{[cur]}</xml>), - Other = {Url = (url (logout ())), - Xml = (M.CtlDisplay.formatLogout (url (logout ())))}} + Other = {Url = None, + Xml = (M.CtlDisplay.formatLogout logout)}} | None => return {Status = (M.CtlDisplay.formatLogon (logon (show here))), - Other = {Url = (url (signup (show here))), + Other = {Url = Some (url (signup (show here))), Xml = (M.CtlDisplay.formatSignup (url (signup (show here))))}} end
--- a/src/ur/openidUser.urs Sun Jul 03 14:09:03 2011 -0400 +++ b/src/ur/openidUser.urs Mon Jul 04 14:08:00 2011 +0100 @@ -15,8 +15,8 @@ val formatUser : xbody -> xbody (* Format the display of the logged on user *) - val formatLogout : url -> xbody - (* Format the logout link *) + val formatLogout : ($([]) -> transaction page) -> xbody + (* Format the logout button *) val formatSignup : url -> xbody (* Format the signup link *) @@ -107,14 +107,15 @@ val main : (string -> xbody -> transaction page) -> transaction {Status : xbody, - Other : {Url : url, Xml : xbody}} + Other : {Url : option url, Xml : xbody}} (* Pass in your generic page template; get out the HTML snippet for user * management, suitable for, e.g., inclusion in your standard page * header. The output gives a "status" chunk, which will either be a login * form or a message about which user is logged in; and an "other" chunk, - * which will be a log out or sign up link. In the case "other", the link - * itself is also provided for cases when one format is not enough. *) + * which will be a log out button or sign up link. In the case of "other", + * the link itself (if available) is also provided for cases when one + * format is not enough. *) end