

Merge pull request #704 from dfir-iris/putting_back_loggout_endpoint
[FIX] UI logout was not working anymore
whikernel authored Jan 30, 2025
2 parents e43eac5 + cdbbec6 commit 41b1a92
Showing 3 changed files with 57 additions and 2 deletions.
7 changes: 7 additions & 0 deletions e2e/tests/administrator/dashboard.spec.js
Expand Up @@ -12,3 +12,10 @@ test('create case with empty name should present error', async ({ page }) => {
// FIXME: Locator should be: page.getByRole('alert', { name: 'Invalid data type' });
await expect(page.getByText('Invalid data type')).toBeVisible();
});

test('logout should go back to login page', async ({ page }) => {
await page.getByRole('link', { name: 'administrator' }).click();
await page.getByRole('link', { name: 'Logout' }).click();

await expect(page.getByRole('button', { name: 'Sign In' })).toBeVisible();
})
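Review bot: The final `expect` only proves that the login form rendered after the click; it does not prove the server-side session was actually terminated, which is the property a logout test should pin. After the Sign In check, navigate to an authenticated page and assert it bounces back to the login form, e.g. `await page.goto('/dashboard');` followed by the same `await expect(page.getByRole('button', { name: 'Sign In' })).toBeVisible();`, taking the protected path from whatever the sibling specs in this directory already use. As written, a regression where the endpoint redirects without running `logout_user()`/`session.clear()` would still pass.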
50 changes: 49 additions & 1 deletion source/app/blueprints/rest/dashboard_routes.py
Expand Up @@ -19,12 +19,18 @@
import marshmallow
from datetime import datetime
from datetime import timedelta
from oic.oauth2.exception import GrantError

from flask import Blueprint
from flask import session
from flask import request
from flask import redirect
from flask_login import current_user
from flask_login import logout_user

from app import db, app
from app import db
from app import app
from app import oidc_client

from app.blueprints.rest.endpoints import endpoint_deprecated
from app.datamgmt.dashboard.dashboard_db import get_global_task, list_user_cases, list_user_reviews
Expand All @@ -46,6 +52,8 @@
from app.blueprints.access_controls import ac_api_requires
from app.blueprints.responses import response_error
from app.blueprints.responses import response_success
from app.blueprints.access_controls import is_authentication_oidc
from app.blueprints.access_controls import not_authenticated_redirection_url


log = app.logger
Expand All @@ -58,6 +66,46 @@
)


# Logout user
@dashboard_rest_blueprint.route('/logout')
def logout():
"""
Logout function. Erase its session and redirect to index i.e login
:return: Page
"""

if session['current_case']:
current_user.ctx_case = session['current_case']['case_id']
current_user.ctx_human_case = session['current_case']['case_name']
db.session.commit()

if is_authentication_oidc():
if oidc_client.provider_info.get("end_session_endpoint"):
try:
logout_request = oidc_client.construct_EndSessionRequest(
state=session["oidc_state"])
logout_url = logout_request.request(
oidc_client.provider_info["end_session_endpoint"])
track_activity("user '{}' has been logged-out".format(
current_user.user), ctx_less=True, display_in_ui=False)
logout_user()
session.clear()
return redirect(logout_url)
except GrantError:
track_activity(
f"no oidc session found for user '{current_user.user}', skipping oidc provider logout and continuing to logout local user",
ctx_less=True,
display_in_ui=False
)

track_activity("user '{}' has been logged-out".format(current_user.user),
ctx_less=True, display_in_ui=False)
logout_user()
session.clear()

return redirect(not_authenticated_redirection_url('/'))


@dashboard_rest_blueprint.route('/dashboard/case_charts', methods=['GET'])
@ac_api_requires()
def get_cases_charts():
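Review bot: `session['current_case']` on the first line of `logout()` raises `KeyError` when that key was never set, and the route carries no authentication decorator, so an anonymous `GET /logout` presumably reaches `current_user.ctx_case = ...` and `current_user.user` on flask-login's anonymous user object rather than the guarded path the other routes in this file take via `@ac_api_requires()`; use `if session.get('current_case'):` and add the page-level auth decorator the UI blueprints use above the route. The same applies to `session["oidc_state"]` inside the OIDC branch: only `GrantError` is caught, so a missing state key would 500 the logout instead of falling through to the local `logout_user()`/`session.clear()` path. Separately, a logout reachable by plain GET with no CSRF token lets any third-party page log the user out; the old `/api/v2/auth/logout` link had the same shape, so this is not a regression, but it is worth a follow-up.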
2 changes: 1 addition & 1 deletion source/app/templates/includes/sidenav.html
Expand Up @@ -29,7 +29,7 @@
</a>
</li>
<li>
<a href='/api/v2/auth/logout'>
<a href={{ url_for('dashboard_rest.logout') }}>
<span class="link-collapse">Logout</span>
</a>
</li>
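Review bot: The new `href` attribute is unquoted (`href={{ url_for('dashboard_rest.logout') }}`), whereas the line it replaces quoted its value; `url_for` resolves to a fixed route path here, so this is not injectable, but an unquoted attribute breaks as soon as the value ever contains a space or `>` and is easy to copy into a place where it does matter. Write it as `<a href="{{ url_for('dashboard_rest.logout') }}">`.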
