Forcibly clean and destroy the session on logout (#11447)
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This commit is contained in:
parent
5cf224abe3
commit
a0d35fb6ad
1 changed files with 2 additions and 5 deletions
|
@ -994,11 +994,8 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au
|
|||
|
||||
// HandleSignOut resets the session and sets the cookies
|
||||
func HandleSignOut(ctx *context.Context) {
|
||||
_ = ctx.Session.Delete("uid")
|
||||
_ = ctx.Session.Delete("uname")
|
||||
_ = ctx.Session.Delete("socialId")
|
||||
_ = ctx.Session.Delete("socialName")
|
||||
_ = ctx.Session.Delete("socialEmail")
|
||||
_ = ctx.Session.Flush()
|
||||
_ = ctx.Session.Destroy(ctx.Context)
|
||||
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
|
||||
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
|
||||
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
|
||||
|
|
Loading…
Reference in a new issue