* add HOOK_POST_LOGOUT

* auth_remote: add config option AUTH_REMOTE_POST_LOGOUT_URL
2021-12-06 13:20:18 +03:00 · 2021-12-06 13:20:18 +03:00 · 53061d1508
parent 57b0413a3a
commit 53061d1508
4 changed files with 48 additions and 2 deletions
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@ -296,8 +296,25 @@ class Handler_Public extends Handler {

 	function logout(): void {
 		if (validate_csrf($_POST["csrf_token"])) {
+
+			$login = $_SESSION["name"];
+			$user_id = $_SESSION["uid"];
+
 			UserHelper::logout();
-			header("Location: index.php");
+
+			$redirect_url = "";
+
+			PluginHost::getInstance()->run_hooks_callback(PluginHost::HOOK_POST_LOGOUT,
+				function ($result) use (&$redirect_url) {
+					if (!empty($result[0]))
+						$redirect_url = UrlHelper::validate($result[0]);
+				},
+				$login, $user_id);
+
+			if (!$redirect_url)
+				$redirect_url = get_self_url_prefix() . "/index.php";
+
+			header("Location: " . $redirect_url);
 		} else {
 			header("Content-Type: text/json");
 			print Errors::to_json(Errors::E_UNAUTHORIZED);
--- a/classes/plugin.php
+++ b/classes/plugin.php
@ -670,4 +670,13 @@ abstract class Plugin {

 		return false;
 	}
+
+	/** Invoked after user logout, may override built-in behavior (redirect back to login page)
+	 *  @param string $login
+	 *  @param int $user_id
+	 * @return array<mixed> - [0] - if set, url to redirect to
+	*/
+	function hook_post_logout($login, $user_id) {
+		return [""];
+	}
 }
--- a/classes/pluginhost.php
+++ b/classes/pluginhost.php
@ -195,6 +195,9 @@ class PluginHost {
 	/** @see Plugin::hook_pre_subscribe() */
 	const HOOK_PRE_SUBSCRIBE = "hook_pre_subscribe";

+	/** @see Plugin::hook_post_logout() */
+	const HOOK_POST_LOGOUT = "hook_post_logout";
+
 	const KIND_ALL = 1;
 	const KIND_SYSTEM = 2;
 	const KIND_USER = 3;
--- a/plugins/auth_remote/init.php
+++ b/plugins/auth_remote/init.php
@ -1,15 +1,26 @@
 <?php
 class Auth_Remote extends Auth_Base {

+	/** redirect user to this URL after logout; .env:
+	 * TTRSS_AUTH_REMOTE_POST_LOGOUT_URL=http://127.0.0.1/logout-redirect
+	 */
+	const AUTH_REMOTE_POST_LOGOUT_URL = "AUTH_REMOTE_POST_LOGOUT_URL";
+
 	function about() {
 		return array(null,
-			"Authenticates against remote password (e.g. supplied by Apache)",
+			"Authenticates against external passwords (HTTP Authentication, SSL certificates)",
 			"fox",
 			true);
 	}

 	function init($host) {
 		$host->add_hook($host::HOOK_AUTH_USER, $this);
+
+		Config::add(self::AUTH_REMOTE_POST_LOGOUT_URL, "", Config::T_STRING);
+
+		if (Config::get(self::AUTH_REMOTE_POST_LOGOUT_URL) != "") {
+			$host->add_hook($host::HOOK_POST_LOGOUT, $this);
+		}
 	}

 	function get_login_by_ssl_certificate() : string {
@ -73,6 +84,12 @@ class Auth_Remote extends Auth_Base {
 		return false;
 	}

+	function hook_post_logout($login, $user_id) {
+		return [
+			Config::get(self::AUTH_REMOTE_POST_LOGOUT_URL)
+			];
+	}
+
 	function api_version() {
 		return 2;
 	}