From 84599863c9a8cfce6a8ae28f3ccce98993d7c36e Mon Sep 17 00:00:00 2001 From: Taija Tevia-Clark Date: Wed, 12 Feb 2020 14:34:38 -0800 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20FIX:=20=20Logout=20Issues?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix logout button URL and issue where session could persist after logout RB-7 and RB-6 --- app/Http/Controllers/BlocksController.php | 10 +++++----- app/Http/Middleware/SimpleSAMLphp.php | 11 ++++++----- resources/views/error/notStudent.blade.php | 4 ++-- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/app/Http/Controllers/BlocksController.php b/app/Http/Controllers/BlocksController.php index 681131f..6a93b9e 100644 --- a/app/Http/Controllers/BlocksController.php +++ b/app/Http/Controllers/BlocksController.php @@ -10,7 +10,7 @@ class BlocksController extends Controller { // - public function blockList() + public function blockList(Request $request) { /** * Load from Data API @@ -24,14 +24,14 @@ public function blockList() ); $user = $dataAPI->getUser( - session('username'), + $request->get('username'), $token ); $data = array( 'userData' => $user, - 'username' => session('username'), - 'logout' => session('logout_url'), + 'username' => $request->get('username'), + 'logout' => $request->get('logoutUrl'), ); if (null !== $user && null !== $user['blocks']) @@ -44,7 +44,7 @@ public function blockList() } else { - Log::info( 'User '. (null !== session('username') ? session('username') : '[NOT SET]') .' logged in, had no student record'); + Log::info( 'User '. (null !== $request->get('username') ? $request->get('username') : '[NOT SET]') .' logged in, had no student record'); return view('error/notStudent', $data); } diff --git a/app/Http/Middleware/SimpleSAMLphp.php b/app/Http/Middleware/SimpleSAMLphp.php index 7ed51d9..8e19f9e 100644 --- a/app/Http/Middleware/SimpleSAMLphp.php +++ b/app/Http/Middleware/SimpleSAMLphp.php 
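Review bot: `$request->get('username')` in the `getUser()` call and `$request->get('logoutUrl')` in the `$data` array (second hunk, and again in the `Log::info` line of the third) are not limited to the values the SAML middleware stored. `Request::get()` looks in the request attributes first and then falls back to query-string and body parameters, so on any path where the attributes are absent a client-supplied `username` would decide whose record is fetched and a supplied `logoutUrl` would be rendered as the logout link. Whether every route to `blockList()` passes through the middleware is not visible in this diff, so read the attribute bag explicitly: `$username = $request->attributes->get('username');` and `'logout' => $request->attributes->get('logoutUrl'),`. Holding the value in a local also reduces the log expression to `($username ?? '[NOT SET]')`. The body of `blockList()` continues outside these hunks.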
@@ -29,15 +29,16 @@ public function handle($request, Closure $next) * Store Username and Auth Object in Session */ $attributes = $auth->getAttributes(); - session(['username' => $attributes[config('simplesamlphp.username')][0]]); - session(['logout_url' => $auth->getLogoutURL('https://www.bellevuecollege.edu')]); + $request->attributes->add(['username' => $attributes[config('simplesamlphp.username')][0]]); + $request->attributes->add(['logoutUrl' => $auth->getLogoutURL('https://www.bellevuecollege.edu')]); + } else // Disable auth on test and local environments { - session(['username' => 't.test']); // Modify this username if needed - session(['logout_url' => 'https://www.bellevuecollege.edu']); + $request->attributes->add(['username' => 't.test']); // Modify this username if needed + $request->attributes->add(['logoutUrl' => 'https://www.bellevuecollege.edu']); } return $next($request); } -} \ No newline at end of file +} diff --git a/resources/views/error/notStudent.blade.php b/resources/views/error/notStudent.blade.php index 45c9c86..dfa792d 100644 --- a/resources/views/error/notStudent.blade.php +++ b/resources/views/error/notStudent.blade.php @@ -2,8 +2,8 @@ @section('content')
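Review bot: The added `$request->attributes->add(['username' => $attributes[config('simplesamlphp.username')][0]])` line dereferences the SAML attribute without checking that the IdP actually released it, so a missing or empty attribute ends in an undefined-index error or a null username reaching the controller. Resolve it first and refuse the request when it is empty, e.g. `$username = $attributes[config('simplesamlphp.username')][0] ?? null;` followed by `if (empty($username)) { abort(403); }`. The `else` branch still assigns the fixed identity `t.test` with no authentication; its guarding condition starts above this hunk, so confirm it can match only the test and local environments and fails closed when the environment is unset. `handle()` begins outside the hunk.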
-

This is not a student account

-

Registration block information is only available for Bellevue College students. You have logged in with a non-student account. Log out

+

Error: Unable to retrieve student account

+

Registration block information is only available for Bellevue College students. You may have logged in with a non-student account, or an error has occurred. Log out

@endsection