From 7b4d5536c9df9673937deb0670b11240c02ce5a1 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 2 Sep 2018 06:00:06 +0200
Subject: Fripost::Session: Forget credentials when destroying the session.

---
 lib/Fripost/Session.pm | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/Fripost/Session.pm b/lib/Fripost/Session.pm
index 8cf6405..4408cf8 100644
--- a/lib/Fripost/Session.pm
+++ b/lib/Fripost/Session.pm
@@ -103,9 +103,10 @@ sub authenticate($%) {
     return $fp;
 }
 
-# authenticate(OPTION => VALUE, ..)
+# destroy(OPTION => VALUE, ..)
 #   Create a new Fripost object, authenticate (using SASL proxy
 #   authorization), and delete the entry on the LDAP backend.
+#   The object shouldn't be used after using this method.
 sub destroy($%) {
     my $self = shift;
     my %conf = @_;
@@ -117,6 +118,9 @@ sub destroy($%) {
     my $r = $fp->{_ldap}->delete($dn);
     $fp->croak("LDAP error code %i: %s\n", $r->code, $r->error)
         unless $r->code == LDAP_SUCCESS;
+
+   # forget credentials in the object (now a blessed empty hash reference)
+   undef %$self;
 }
 
 1;
-- 
cgit v1.2.3