Path: blob/master/src/applications/auth/controller/PhabricatorLogoutController.php
12256 views
<?php12final class PhabricatorLogoutController3extends PhabricatorAuthController {45public function shouldRequireLogin() {6// See T13310. We allow access to the "Logout" controller even if you are7// not logged in: otherwise, users who do not have access to any Spaces can8// not log out.910// When you try to access a controller which requires you be logged in,11// and you do not have access to any Spaces, an access check fires first12// and prevents access with a "No Access to Spaces" error. If this13// controller requires users be logged in, users who are trying to log out14// and also have no access to Spaces get the error instead of a logout15// workflow and are trapped.1617// By permitting access to this controller even if you are not logged in,18// we bypass the Spaces check and allow users who have no access to Spaces19// to log out.2021// This incidentally allows users who are already logged out to access the22// controller, but this is harmless: we just no-op these requests.2324return false;25}2627public function shouldRequireEmailVerification() {28// Allow unverified users to logout.29return false;30}3132public function shouldRequireEnabledUser() {33// Allow disabled users to logout.34return false;35}3637public function shouldAllowPartialSessions() {38return true;39}4041public function shouldAllowLegallyNonCompliantUsers() {42return true;43}4445public function handleRequest(AphrontRequest $request) {46$viewer = $this->getViewer();4748if ($request->isFormPost()) {49// Destroy the user's session in the database so logout works even if50// their cookies have some issues. We'll detect cookie issues when they51// try to login again and tell them to clear any junk.52$phsid = $request->getCookie(PhabricatorCookies::COOKIE_SESSION);53if (strlen($phsid)) {54$session = id(new PhabricatorAuthSessionQuery())55->setViewer($viewer)56->withSessionKeys(array($phsid))57->executeOne();5859if ($session) {60$engine = new PhabricatorAuthSessionEngine();61$engine->logoutSession($viewer, $session);62}63}64$request->clearCookie(PhabricatorCookies::COOKIE_SESSION);6566return id(new AphrontRedirectResponse())67->setURI('/auth/loggedout/');68}697071if ($viewer->getPHID()) {72$dialog = $this->newDialog()73->setTitle(pht('Log Out?'))74->appendParagraph(pht('Are you sure you want to log out?'))75->addCancelButton('/');7677$configs = id(new PhabricatorAuthProviderConfigQuery())78->setViewer(PhabricatorUser::getOmnipotentUser())79->execute();80if (!$configs) {81$dialog82->appendRemarkup(83pht(84'WARNING: You have not configured any authentication providers '.85'yet, so your account has no login credentials. If you log out '.86'now, you will not be able to log back in normally.'))87->appendParagraph(88pht(89'To enable the login flow, follow setup guidance and configure '.90'at least one authentication provider, then associate '.91'credentials with your account. After completing these steps, '.92'you will be able to log out and log back in normally.'))93->appendParagraph(94pht(95'If you log out now, you can still regain access to your '.96'account later by using the account recovery workflow. The '.97'login screen will prompt you with recovery instructions.'));9899$button = pht('Log Out Anyway');100} else {101$button = pht('Log Out');102}103104$dialog->addSubmitButton($button);105return $dialog;106}107108return id(new AphrontRedirectResponse())->setURI('/');109}110111}112113114