authorGuilhem Moulin <guilhem@fripost.org>2018-09-02 06:00:06 +0200
committerGuilhem Moulin <guilhem@fripost.org>2018-09-02 06:05:34 +0200
commit7b4d5536c9df9673937deb0670b11240c02ce5a1 (patch)
tree2826a4ae0e29772daaa8d9ae3dd8bf1a1ee6af1e
parentc721370bc2c7ee369b292ba768cb20a9864a805c (diff)
Fripost::Session: Forget credentials when destroying the session.
-rw-r--r--lib/Fripost/Session.pm6
-rw-r--r--run.psgi1
2 files changed, 6 insertions, 1 deletions
diff --git a/lib/Fripost/Session.pm b/lib/Fripost/Session.pm
index 8cf6405..4408cf8 100644
--- a/lib/Fripost/Session.pm
+++ b/lib/Fripost/Session.pm
@@ -103,9 +103,10 @@ sub authenticate($%) {
return $fp;
}
-# authenticate(OPTION => VALUE, ..)
+# destroy(OPTION => VALUE, ..)
# Create a new Fripost object, authenticate (using SASL proxy
# authorization), and delete the entry on the LDAP backend.
+# The object shouldn't be used after using this method.
sub destroy($%) {
my $self = shift;
my %conf = @_;
@@ -117,6 +118,9 @@ sub destroy($%) {
my $r = $fp->{_ldap}->delete($dn);
$fp->croak("LDAP error code %i: %s\n", $r->code, $r->error)
unless $r->code == LDAP_SUCCESS;
+
+ # forget credentials in the object (now a blessed empty hash reference)
+ undef %$self;
}
1;
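Review bot: The added `undef %$self;` is reached only when the LDAP delete succeeds, because the `$fp->croak(...)` two statements above (assuming it dies like Carp's croak) leaves the sub first; on a failed delete the session object keeps its credentials. If destroy() is meant to forget them whatever the outcome, clear the hash before reporting the error: keep `my $r = $fp->{_ldap}->delete($dn);`, then `undef %$self;`, then `$fp->croak(...) unless $r->code == LDAP_SUCCESS;`. If keeping them so the caller can retry is deliberate, the header comment should say so. The start of destroy() lies outside this hunk, so earlier failure paths cannot be checked from here. Note too that `undef %$self` releases the hash entries but does not overwrite the string buffers, so it prevents reuse through the object rather than scrubbing memory.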
diff --git a/run.psgi b/run.psgi
index 8389118..3d5c90d 100644
--- a/run.psgi
+++ b/run.psgi
@@ -280,6 +280,7 @@ $builder->mount($WELCOME_PAGE => sub($) {
die "Internal error: ", $@;
} else {
# something went wrong...
+ $tmpl_params{AUTHZID} = "oops";
}
render( $req, "overview.html", %tmpl_params );
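Review bot: `$tmpl_params{AUTHZID} = "oops";` in the `# something went wrong...` branch puts a placeholder string into what looks like an identity field, and `render( $req, "overview.html", ... )` then runs for this branch just as it does for the others. It reads like a debugging leftover and the commit message does not mention it. If the template merely needs AUTHZID defined once the session hash has been emptied, a comment saying so (e.g. `# session was wiped above; keep AUTHZID defined for the template`) and a separate error parameter would make the failure state explicit instead of showing a made-up identity. The enclosing handler starts and ends outside this hunk, so how overview.html uses AUTHZID cannot be confirmed from here.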