chiark
/
gitweb
/
~mdw
/
chopwood
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
httpauth.py, cmd-cgi.py, list.fhtml: Implement explicit logout action.
[chopwood]
/
httpauth.py
diff --git
a/httpauth.py
b/httpauth.py
index 4a41e4fcb16267b7242f79c6366bcef507bc6b20..13ba0d1155767a66de538942a6851f776d6ffdbb 100644
(file)
--- a/
httpauth.py
+++ b/
httpauth.py
@@
-175,6
+175,7
@@
LOGIN_REASONS = {
'EXPIRED': 'session timed out',
'BADTAG': 'incorrect tag',
'NOUSER': 'unknown user name',
'EXPIRED': 'session timed out',
'BADTAG': 'incorrect tag',
'NOUSER': 'unknown user name',
+ 'LOGOUT': 'explicitly logged out',
None: None
}
None: None
}
@@
-201,6
+202,9
@@
def check_auth(token, nonce = None):
global NONCE
global NONCE
+ ## If the token has been explicitly clobbered, then we're logged out.
+ if token == 'logged-out': raise AuthenticationFailed, 'LOGOUT'
+
## Parse the token.
bits = token.split('.', 3)
if len(bits) != 4: raise AuthenticationFailed, 'BADTOKEN'
## Parse the token.
bits = token.split('.', 3)
if len(bits) != 4: raise AuthenticationFailed, 'BADTOKEN'
~mdw / chopwood / blobdiff