clear session cookie if invalid

This commit is contained in:
Jakob Ketterl 2021-05-03 23:22:28 +02:00
parent fe1a1207e6
commit a17690dc91
2 changed files with 7 additions and 2 deletions

View File

@ -1,6 +1,7 @@
from .session import SessionStorage
from owrx.controllers.session import SessionStorage
from owrx.users import UserList
from urllib import parse
from http.cookies import SimpleCookie
import logging
@ -41,6 +42,10 @@ class AuthorizationMixin(object):
if self.isAuthorized():
super().handle_request()
else:
cookie = SimpleCookie()
cookie["owrx-session"] = ""
cookie["owrx-session"]["expires"] = "Thu, 01 Jan 1970 00:00:00 GMT"
self.set_response_cookies(cookie)
if (
"x-requested-with" in self.request.headers
and self.request.headers["x-requested-with"] == "XMLHttpRequest"

View File

@ -1,4 +1,4 @@
from .template import WebpageController
from owrx.controllers.template import WebpageController
from urllib.parse import parse_qs, urlencode
from uuid import uuid4
from http.cookies import SimpleCookie