
Fix #81: login/logout workin

George S. Baugh 5 年之前
父節點
當前提交
da0bbc8c85
共有 4 個文件被更改,包括 38 次插入6 次删除
  1. 12 0
      lib/Trog/Auth.pm
  2. 18 0
      lib/Trog/Routes/HTML.pm
  3. 7 6
      www/server.psgi
  4. 1 0
      www/templates/sysbar.tx

+ 12 - 0
lib/Trog/Auth.pm

@@ -76,6 +76,18 @@ sub mksession ($user,$pass) {
     return $uuid;
 }
 
+=head2 killsession(user) = BOOL
+
+Delete the provided user's session from the auth db.
+
+=cut
+
+sub killsession ($user) {
+    my $dbh = _dbh();
+    $dbh->do("DELETE FROM session WHERE user_id IN (SELECT id FROM user WHERE name=?)",undef,$user);
+    return 1;
+}
+
 =head2 useradd(user, pass) = BOOL
 
 Adds a user identified by the provided password into the auth DB.
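Review bot: `killsession` returns 1 whether or not the DELETE succeeded, so `logout` cannot tell a failed revocation from a successful one, and the session row may stay valid after the user believes they have signed out. Unless `_dbh()` sets RaiseError (not visible in this hunk), return the statement result instead: `return $dbh->do(...) ? 1 : 0;`. The POD should also say that every session for the user is removed, because the WHERE clause matches on user name rather than on the session id that was presented.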

+ 18 - 0
lib/Trog/Routes/HTML.pm

@@ -44,6 +44,10 @@ our %routes = (
         method   => 'GET',
         callback => \&Trog::Routes::HTML::login,
     },
+    '/logout' => {
+        method => 'GET',
+        callback => \&Trog::Routes::HTML::logout,
+    },
     '/auth' => {
         method   => 'POST',
         nostatic => 1,
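Review bot: The new `/logout` route changes server state on a plain GET, so any page the user visits can end their session with a cross-site link or image request, and link prefetchers can do it by accident. Register it as `method => 'POST',` and have the sysbar entry submit a small form (carrying the app's anti-CSRF token, if it has one) instead of the `<a href="/logout">` link added in www/templates/sysbar.tx. The `%routes` hash starts and ends outside this hunk.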
@@ -333,6 +337,7 @@ sub login ($query, $render_cb) {
     # Note to future me -- this user value is overwritten explicitly in server.psgi.
     # If that ever changes, you will die
     $query->{to} //= $query->{route};
+    $query->{to} = '/config' if $query->{to} eq '/login';
     if ($query->{user}) {
         return $routes{$query->{to}}{callback}->($query,$render_cb);
     }
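Review bot: `$query->{to}` is still used as a key into `%routes` without checking that the route exists; the added line only special-cases `/login`. `to` looks client-supplied (server.psgi overwrites `user`, `acls`, `domain` and `route`, but not `to`), so an unknown value makes `$routes{$query->{to}}{callback}->(...)` call an undefined code ref and autovivifies a stray entry in `%routes`. Consider `$query->{to} = '/config' if $query->{to} eq '/login' || !exists $routes{$query->{to}};`. login's body continues outside the hunk.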
@@ -371,6 +376,19 @@ sub login ($query, $render_cb) {
     }, @headers);
 }
 
+=head2 logout
+
+Deletes your users' session and opens the login page.
+
+=cut
+
+sub logout ($query, $render_cb) {
+    Trog::Auth::killsession($query->{user}) if $query->{user};
+    delete $query->{user};
+    $query->{to} = '/config';
+    return login($query,$render_cb);
+}
+
 =head2 config
 
 Renders the configuration page, or redirects you back to the login page.
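Review bot: `logout` removes the session row, but nothing visible here expires the `tcmslogin` cookie, so the browser keeps sending the stale token on every later request. If `login` does not already do so (its header handling is outside this hunk), add an expired `Set-Cookie` for `tcmslogin` to the response on this path. The POD line would also read more accurately as `Deletes the current user's sessions and shows the login page.`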

+ 7 - 6
www/server.psgi

@@ -79,12 +79,6 @@ my $app = sub {
          ($active_user,$user_id) = Trog::Auth::session2user($cookies->{tcmslogin}->value);
     }
 
-    $query->{acls} = Trog::Auth::acls4user($user_id) // [] if $user_id;
-
-    $query->{user}   = $active_user;
-    $query->{domain} = $env->{HTTP_HOST};
-    $query->{route}  = $path;
-
     #Disallow any paths that are naughty ( starman auto-removes .. up-traversal)
     if (index($path,'/templates') == 0 || $path =~ m/.*\.psgi$/i ) {
         return Trog::Routes::HTML::forbidden($query, \&_render);
@@ -130,6 +124,13 @@ my $app = sub {
         @$query{keys(%{$body->upload})} = values(%{$body->upload});
     }
 
+    #Set various things we don't want overridden
+    $query->{acls} = Trog::Auth::acls4user($user_id) // [] if $user_id;
+
+    $query->{user}   = $active_user;
+    $query->{domain} = $env->{HTTP_HOST};
+    $query->{route}  = $path;
+
     my $output =  $routes{$path}{callback}->($query, \&_render);
     return $output;
 };
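Review bot: `$query->{acls}` is assigned only when `$user_id` is set, so on an anonymous request a client-supplied `acls` parameter survives in `$query` despite the comment above the block (the upload merge just before it writes into the same hash). Assign it unconditionally: `$query->{acls} = $user_id ? (Trog::Auth::acls4user($user_id) // []) : [];`. Moving the block down also means the `forbidden(...)` early return in the previous hunk, and any other return between the two hunks, now receives a `$query` whose `user`, `domain` and `route` have not been overwritten; it is worth confirming those paths do not read them. The `$app` sub starts outside the hunk.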

+ 1 - 0
www/templates/sysbar.tx

@@ -12,6 +12,7 @@
         <a href="/post/files"  title="Files"         class="topbar">Files</a>
         <a href="/post/series" title="Series"        class="topbar">Series</a>
         <a href="/post/about"  title="About"         class="topbar">About</a>
+        <a href="/logout"      title="Logout"        class="topbar">🚪</a>
     </span>
 </div>
 <div style="height:3rem;">hidon</div>