From 0e2217bd2d8833f0bff84767f676fc93c84d4b9a Mon Sep 17 00:00:00 2001 From: John Olheiser Date: Mon, 2 Mar 2020 22:50:31 -0600 Subject: [PATCH] Logout POST action (#10582) * Change logout to POST * Update for redirect Signed-off-by: jolheiser --- integrations/signout_test.go | 2 +- routers/routes/routes.go | 2 +- templates/base/head_navbar.tmpl | 2 +- web_src/js/index.js | 3 +++ 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/integrations/signout_test.go b/integrations/signout_test.go index 65957b244e..c31c913070 100644 --- a/integrations/signout_test.go +++ b/integrations/signout_test.go @@ -14,7 +14,7 @@ func TestSignOut(t *testing.T) { session := loginUser(t, "user2") - req := NewRequest(t, "GET", "/user/logout") + req := NewRequest(t, "POST", "/user/logout") session.MakeRequest(t, req, http.StatusFound) // try to view a private repo, should fail diff --git a/routers/routes/routes.go b/routers/routes/routes.go index a8a08c9eca..0b0b4e05a3 100644 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -413,7 +413,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Post("/recover_account", user.ResetPasswdPost) m.Get("/forgot_password", user.ForgotPasswd) m.Post("/forgot_password", user.ForgotPasswdPost) - m.Get("/logout", user.SignOut) + m.Post("/logout", user.SignOut) }) // ***** END: User ***** diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl index 51a021d0e5..de02bca1f7 100644 --- a/templates/base/head_navbar.tmpl +++ b/templates/base/head_navbar.tmpl @@ -115,7 +115,7 @@ {{end}}
- + {{svg "octicon-sign-out" 16}} {{.i18n.Tr "sign_out"}} diff --git a/web_src/js/index.js b/web_src/js/index.js index b2eec525d3..570d392877 100644 --- a/web_src/js/index.js +++ b/web_src/js/index.js @@ -2741,11 +2741,14 @@ function showAddAllPopup() { function linkAction() { const $this = $(this); + const redirect = $this.data('redirect'); $.post($this.data('url'), { _csrf: csrf }).done((data) => { if (data.redirect) { window.location.href = data.redirect; + } else if (redirect) { + window.location.href = redirect; } else { window.location.reload(); }