From: Bill Erickson
Date: Mon, 14 Feb 2011 18:31:50 +0000 (-0500)
Subject: when authenticated, force the page to redirect the home page after the auth time...
X-Git-Tag: opac-tt-poc-demo2~27^2~2
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=c3a81e2b700da69cd551752b70369cd3b5083a20;p=evergreen%2Fequinox.git

when authenticated, force the page to redirect the home page after the auth time has expired to protect patron data and prevent potentially confusing post-search-submit redirects
---
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
index 89d616b0bd..a7fc0a7715 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
@@ -139,13 +139,12 @@ sub load_common {
 $ctx->{path_info} = $self->cgi->path_info;
 $ctx->{opac_root} = $ctx->{base_path} . "/opac"; # absolute base url
 $ctx->{is_staff} = ($self->apache->headers_in->get('User-Agent') =~ 'oils_xulrunner');
+ $ctx->{home_page} = 'http://' . $self->apache->hostname . $self->ctx->{opac_root} . "/home";
 if($e->authtoken($self->cgi->cookie('ses'))) {
 if($e->checkauth) {
- $self->apache->log->warn("authtime = " . $e->authtime);
-
 $ctx->{authtoken} = $e->authtoken;
 $ctx->{authtime} = $e->authtime;
 $ctx->{user} = $e->requestor;
@@ -234,11 +233,9 @@ sub load_login {
 sub load_logout {
 my $self = shift;
- my $url = 'http://' . $self->apache->hostname . $self->ctx->{opac_root} . "/home";
-
 $self->apache->print(
 $self->cgi->redirect(
- -url => $url,
+ -url => $self->ctx->{home_page},
 -cookie => $self->cgi->cookie(
 -name => 'ses',
 -path => '/',
diff --git a/Open-ILS/web/templates/default/opac/parts/base.tt2 b/Open-ILS/web/templates/default/opac/parts/base.tt2
index 27652a5e13..c83cb88e39 100644
--- a/Open-ILS/web/templates/default/opac/parts/base.tt2
+++ b/Open-ILS/web/templates/default/opac/parts/base.tt2
@@ -2,6 +2,9 @@
+ [% IF ctx.authtime %]
+
+ [% END %]
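Review bot: The added `$ctx->{home_page}` line in load_common hard-codes `http://`, so when the OPAC is served over TLS both the timed redirect and the logout redirect in load_logout (second hunk, `-url => $self->ctx->{home_page}`) send an authenticated browser to a cleartext URL. The host part comes from `$self->apache->hostname`, which presumably follows the request's Host header unless the virtual host pins it, so it should be treated as request-derived input before it is placed in a Location header or a page. I would derive the scheme from the request and use the local `$ctx` as the neighbouring lines do: `my $proto = $self->cgi->https ? 'https' : 'http';` followed by `$ctx->{home_page} = $proto . '://' . $self->apache->hostname . $ctx->{opac_root} . "/home";`. load_common starts and ends outside this hunk, so how the virtual host is configured cannot be confirmed from here.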
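Review bot: The line added between `[% IF ctx.authtime %]` and `[% END %]` in base.tt2 lost its markup in this rendering, so this point is inferred from the commit message: if it writes `ctx.home_page` into a refresh tag's attribute, that value is built from the request hostname in load_common and should pass through the Template Toolkit `html` filter, `[% ctx.home_page | html %]`. A client-side timer only changes what the browser displays; the `$e->checkauth` test in load_common remains the actual control. A short template comment above the `IF` saying so would keep later readers from treating the refresh as session enforcement.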