<?php
namespace SilverStripe\Security\MemberAuthenticator;
use SilverStripe\Control\Controller;
use SilverStripe\Control\Director;
use SilverStripe\Control\HTTPResponse;
use SilverStripe\Control\RequestHandler;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\IdentityStore;
use SilverStripe\Security\LogoutForm;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;
use SilverStripe\Security\SecurityToken;
/**
 * Class LogoutHandler handles logging out Members from their session and/or cookie.
 * The logout process destroys all traces of the member on the server (not the actual computer user
 * at the other end of the line, don't worry)
 *
 */
class LogoutHandler extends RequestHandler
{
    /**
     * URL routing for this handler: the empty pattern maps to the logout action.
     *
     * NOTE(review): nothing in this class reads the property directly. Presumably the
     * framework's routing/config layer consumes it, so confirm that before acting on an
     * "unused private property" report from static analysis.
     *
     * @var array
     */
    private static $url_handlers = [
        '' => 'logout'
    ];

    /**
     * Actions listed for this handler: only 'logout' and 'LogoutForm'.
     *
     * doLogOut() and redirectAfterLogout() are deliberately absent from this list.
     * NOTE(review): presumably this is the allow-list of actions reachable by URL, which
     * would keep the token-less doLogOut() from being invoked directly - confirm against
     * the RequestHandler implementation before adding entries.
     *
     * @var array
     */
    private static $allowed_actions = [
        'logout',
        'LogoutForm'
    ];


    /**
     * Entry point for a logout request.
     *
     * When a member is logged in and the request does not pass the SecurityToken check,
     * nobody is logged out: a warning message is stored and the logout form is returned
     * so the user can confirm. In every other case the call is handed to doLogOut() with
     * whatever Security::getCurrentUser() returned, which may be empty.
     *
     * @return array|HTTPResponse Form data for the confirmation step, or the redirect
     *                            produced once logout has been attempted
     */
    public function logout()
    {
        $currentUser = Security::getCurrentUser();

        // CSRF guard: a logged-in member is only logged out by a request that carries a
        // valid security token. The token is not checked at all when nobody is logged in.
        $needsConfirmation = $currentUser
            && !SecurityToken::inst()->checkRequest($this->getRequest());

        if (!$needsConfirmation) {
            return $this->doLogOut($currentUser);
        }

        $confirmText = _t(
            'SilverStripe\\Security\\Security.CONFIRMLOGOUT',
            "Please click the button below to confirm that you wish to log out."
        );
        Security::singleton()->setSessionMessage($confirmText, ValidationResult::TYPE_WARNING);

        return [
            'Form' => $this->logoutForm()
        ];
    }

    /**
     * Builds the logout confirmation form bound to this handler.
     *
     * @return LogoutForm
     */
    public function logoutForm()
    {
        return LogoutForm::create($this);
    }

    /**
     * Performs the logout and fires the extension hooks around it.
     *
     * 'beforeLogout' always fires first. The IdentityStore is asked to log the request
     * out only when $member is a Member instance. Afterwards Security::getCurrentUser()
     * is consulted again: 'failedLogout' fires if a user is still present, 'afterLogout'
     * otherwise. The redirect is issued in both cases.
     *
     * This method performs no security-token check of its own; logout() does that before
     * delegating here.
     *
     * @param Member|null $member The member to log out; logout() passes the result of
     *                            Security::getCurrentUser(), which may be empty
     * @return HTTPResponse
     */
    public function doLogOut($member)
    {
        $this->extend('beforeLogout');

        if ($member instanceof Member) {
            $identityStore = Injector::inst()->get(IdentityStore::class);
            $identityStore->logOut($this->getRequest());
        }

        // A user that is still resolvable after logOut() means the logout did not take effect.
        $outcomeHook = Security::getCurrentUser() ? 'failedLogout' : 'afterLogout';
        $this->extend($outcomeHook);

        return $this->redirectAfterLogout();
    }

    /**
     * Chooses where to send the browser once logout has been attempted.
     *
     * A non-empty getBackURL() wins. Otherwise the configured 'login_url' is used, with a
     * BackURL query parameter appended when getReturnReferer() yields a value (made
     * relative via Director::makeRelative()).
     *
     * NOTE(review): both redirect targets derive from request data. Whether getBackURL()
     * and getReturnReferer() restrict their results to same-site URLs is not visible in
     * this class - confirm in the parent implementation, since the values reach
     * redirect() unchanged.
     *
     * @return HTTPResponse
     */
    protected function redirectAfterLogout()
    {
        $explicitTarget = $this->getBackURL();
        if ($explicitTarget) {
            return $this->redirect($explicitTarget);
        }

        $destination = Security::config()->get('login_url');
        $referer = $this->getReturnReferer();
        if (!$referer) {
            return $this->redirect($destination);
        }

        $query = http_build_query([
            'BackURL' => Director::makeRelative($referer)
        ]);

        return $this->redirect(Controller::join_links($destination, '?' . $query));
    }
}