[Lift] Re: Cookie not being removed for custom user logout
I just did a little test:
1. When redering page1 I'm setting a cookie. I'm also rendering a link
like:
SHtml.link(/page2, () = {
S.deleteCookie(marius)
}, Text(Got to /page1 and remove cookie))
2. When I click the link page2 is rendered and in the HTTP header I am
seeing the cookie being sent down to browser with no value and the
expires is (1-1-1970 ). Which is correct.
Br's,
Marius
On Aug 15, 1:30 pm, Richard Dallaway dalla...@gmail.com wrote:
Thank you for the debugging clue (very handy function; I can see
myself using that in other situations).
What I see when the logout link is followed is:
List()
When I set the cookie originally, I do see a List(HTTPCookie(...))
I'm running all of this on 127.0.0.1:8080.
Thanks
Richard
On Sat, Aug 15, 2009 at 8:37 AM, marius d.marius.dan...@gmail.com wrote:
Your code looks fine to me. There is notmagic withXHtml.link just that
when you click the link on server-side your function gets called
before the /logout page gets rendered.
Can you add a function to LiftRules.onEndServicing ?
LiftRules.onEndServicing.append {
case (req, Full(resp)) =
val cookies = resp.toResponse.cookies
// trace the cookies
case _ =
}
Br's,
Marius
On Aug 14, 8:20 pm, Richard Dallaway dalla...@gmail.com wrote:
I'm seeing some odd behaviour with a cookie I'm setting not being
removed. I'm unsure which phase of my code is broken or how deep my
misunderstandings are here... so I'm looking for some clues.
I'm setting a keep me logged in cookie for users of my application.
That works fine using...
val c = HTTPCookie(COOKIE_NAME,
encode(user)).setMaxAge(three_months_as_seconds)
S.addCookie(c)
The encode(user) is, when all is said and done, returning the user PK
as the cookie value.
I'm not using ProtoUser, I'm using the scheme outlined
inhttp://groups.google.com/group/liftweb/msg/85a8e790d5efec26
That is, I have...
object LoginContext {
object userId extends SessionVar[Box[Long]](KeepMeLoggedIn.findUserId)
// etc...
}
...and the findUserId function tries to decode the cookie and find a
matching user:
def findUserId:Box[Long] = for {
cookie - S.findCookie(COOKIE_NAME);
cookie_value - cookie.value;
(id, salt) - decode(cookie_value);
u - User.find(By(User.id, id),By(User.salt,salt))
} yield {
println(u)
id
}
And that's all working for me.
The problem comes when the user clicks the logout link, and I want to
remove this cookie.
The logout link is:
SHtml.link(/logout, LoginContext.logout, spanLogout/span )
... and LoginContext.logout is
KeepMeLoggedIn.removeCookie()
// the above is just: S.deleteCookie(COOKIE_NAME)
userId.remove()
currentUser.remove()
S.request.foreach(_.request.session.terminate)
And for completeness, my /logout page is a redirect to the home page:
Menu(Loc(logout, List(logout) - false, Logout, Hidden, If(
()=false, ()=RedirectResponse(/index)) ))
What I'm seeing is:
- user clicks logout
- logout function called, and Jetty tells me /logout took N
milliseconds to render
- then I'm seeing activity in the findUserId function, a result is
found, and the user is logged back in again.
- then Jetty tells me /index took N milliseconds to render.
When I dig into HTTP headers, I'm not seeing the cookie value being
set in the response header (which I believe is required to remove it).
I'm guessing my confusion is perhaps over how the SHtml.link magic works?
Any suggestions of where I might poke around next?
I'm using 1.1-SNAPSHOT (updated a few hours ago).
Thank you
Richard
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---
[Lift] Re: Cookie not being removed for custom user logout
Your code looks fine to me. There is notmagic withXHtml.link just that
when you click the link on server-side your function gets called
before the /logout page gets rendered.
Can you add a function to LiftRules.onEndServicing ?
LiftRules.onEndServicing.append {
case (req, Full(resp)) =
val cookies = resp.toResponse.cookies
// trace the cookies
case _ =
}
Br's,
Marius
On Aug 14, 8:20 pm, Richard Dallaway dalla...@gmail.com wrote:
I'm seeing some odd behaviour with a cookie I'm setting not being
removed. I'm unsure which phase of my code is broken or how deep my
misunderstandings are here... so I'm looking for some clues.
I'm setting a keep me logged in cookie for users of my application.
That works fine using...
val c = HTTPCookie(COOKIE_NAME,
encode(user)).setMaxAge(three_months_as_seconds)
S.addCookie(c)
The encode(user) is, when all is said and done, returning the user PK
as the cookie value.
I'm not using ProtoUser, I'm using the scheme outlined
inhttp://groups.google.com/group/liftweb/msg/85a8e790d5efec26
That is, I have...
object LoginContext {
object userId extends SessionVar[Box[Long]](KeepMeLoggedIn.findUserId)
// etc...
}
...and the findUserId function tries to decode the cookie and find a
matching user:
def findUserId:Box[Long] = for {
cookie - S.findCookie(COOKIE_NAME);
cookie_value - cookie.value;
(id, salt) - decode(cookie_value);
u - User.find(By(User.id, id),By(User.salt,salt))
} yield {
println(u)
id
}
And that's all working for me.
The problem comes when the user clicks the logout link, and I want to
remove this cookie.
The logout link is:
SHtml.link(/logout, LoginContext.logout, spanLogout/span )
... and LoginContext.logout is
KeepMeLoggedIn.removeCookie()
// the above is just: S.deleteCookie(COOKIE_NAME)
userId.remove()
currentUser.remove()
S.request.foreach(_.request.session.terminate)
And for completeness, my /logout page is a redirect to the home page:
Menu(Loc(logout, List(logout) - false, Logout, Hidden, If(
()=false, ()=RedirectResponse(/index)) ))
What I'm seeing is:
- user clicks logout
- logout function called, and Jetty tells me /logout took N
milliseconds to render
- then I'm seeing activity in the findUserId function, a result is
found, and the user is logged back in again.
- then Jetty tells me /index took N milliseconds to render.
When I dig into HTTP headers, I'm not seeing the cookie value being
set in the response header (which I believe is required to remove it).
I'm guessing my confusion is perhaps over how the SHtml.link magic works?
Any suggestions of where I might poke around next?
I'm using 1.1-SNAPSHOT (updated a few hours ago).
Thank you
Richard
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---
[Lift] Re: Cookie not being removed for custom user logout
Thank you for the debugging clue (very handy function; I can see
myself using that in other situations).
What I see when the logout link is followed is:
List()
When I set the cookie originally, I do see a List(HTTPCookie(...))
I'm running all of this on 127.0.0.1:8080.
Thanks
Richard
On Sat, Aug 15, 2009 at 8:37 AM, marius d.marius.dan...@gmail.com wrote:
Your code looks fine to me. There is notmagic withXHtml.link just that
when you click the link on server-side your function gets called
before the /logout page gets rendered.
Can you add a function to LiftRules.onEndServicing ?
LiftRules.onEndServicing.append {
case (req, Full(resp)) =
val cookies = resp.toResponse.cookies
// trace the cookies
case _ =
}
Br's,
Marius
On Aug 14, 8:20 pm, Richard Dallaway dalla...@gmail.com wrote:
I'm seeing some odd behaviour with a cookie I'm setting not being
removed. I'm unsure which phase of my code is broken or how deep my
misunderstandings are here... so I'm looking for some clues.
I'm setting a keep me logged in cookie for users of my application.
That works fine using...
val c = HTTPCookie(COOKIE_NAME,
encode(user)).setMaxAge(three_months_as_seconds)
S.addCookie(c)
The encode(user) is, when all is said and done, returning the user PK
as the cookie value.
I'm not using ProtoUser, I'm using the scheme outlined
inhttp://groups.google.com/group/liftweb/msg/85a8e790d5efec26
That is, I have...
object LoginContext {
object userId extends SessionVar[Box[Long]](KeepMeLoggedIn.findUserId)
// etc...
}
...and the findUserId function tries to decode the cookie and find a
matching user:
def findUserId:Box[Long] = for {
cookie - S.findCookie(COOKIE_NAME);
cookie_value - cookie.value;
(id, salt) - decode(cookie_value);
u - User.find(By(User.id, id),By(User.salt,salt))
} yield {
println(u)
id
}
And that's all working for me.
The problem comes when the user clicks the logout link, and I want to
remove this cookie.
The logout link is:
SHtml.link(/logout, LoginContext.logout, spanLogout/span )
... and LoginContext.logout is
KeepMeLoggedIn.removeCookie()
// the above is just: S.deleteCookie(COOKIE_NAME)
userId.remove()
currentUser.remove()
S.request.foreach(_.request.session.terminate)
And for completeness, my /logout page is a redirect to the home page:
Menu(Loc(logout, List(logout) - false, Logout, Hidden, If(
()=false, ()=RedirectResponse(/index)) ))
What I'm seeing is:
- user clicks logout
- logout function called, and Jetty tells me /logout took N
milliseconds to render
- then I'm seeing activity in the findUserId function, a result is
found, and the user is logged back in again.
- then Jetty tells me /index took N milliseconds to render.
When I dig into HTTP headers, I'm not seeing the cookie value being
set in the response header (which I believe is required to remove it).
I'm guessing my confusion is perhaps over how the SHtml.link magic works?
Any suggestions of where I might poke around next?
I'm using 1.1-SNAPSHOT (updated a few hours ago).
Thank you
Richard
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---
[Lift] Re: Cookie not being removed for custom user logout
I've made some progress with this. By changing my link to go to a
different page, I do see the cookie being removed.
So by going from...
SHtml.link(/logout, LoginContext.logout, spanLogout/span )
to
SHtml.link(/blank, LoginContext.logout, spanLogout/span )
It works: the cookie is deleted when the user clicks the logout link.
The menu items are now:
Menu(Loc(logout, List(logout) - false, Logout, Hidden, If(
()=false, ()=RedirectResponse(/blank)) )) ::
Menu(Loc(blank, List(blank) - false, Blank, Hidden )) ::
...and blank is blank.html which contains pThis page intentionally blank./p
The reason for the RedirectResponse is to (eventually) send the user
to the /index (home page)... but I send them to blank.html at the
moment while I'm working through this issue.
I'll go read up on RedirectResponse ...
Cheers
Richard
On Sat, Aug 15, 2009 at 11:30 AM, Richard Dallawaydalla...@gmail.com wrote:
Thank you for the debugging clue (very handy function; I can see
myself using that in other situations).
What I see when the logout link is followed is:
List()
When I set the cookie originally, I do see a List(HTTPCookie(...))
I'm running all of this on 127.0.0.1:8080.
Thanks
Richard
On Sat, Aug 15, 2009 at 8:37 AM, marius d.marius.dan...@gmail.com wrote:
Your code looks fine to me. There is notmagic withXHtml.link just that
when you click the link on server-side your function gets called
before the /logout page gets rendered.
Can you add a function to LiftRules.onEndServicing ?
LiftRules.onEndServicing.append {
case (req, Full(resp)) =
val cookies = resp.toResponse.cookies
// trace the cookies
case _ =
}
Br's,
Marius
On Aug 14, 8:20 pm, Richard Dallaway dalla...@gmail.com wrote:
I'm seeing some odd behaviour with a cookie I'm setting not being
removed. I'm unsure which phase of my code is broken or how deep my
misunderstandings are here... so I'm looking for some clues.
I'm setting a keep me logged in cookie for users of my application.
That works fine using...
val c = HTTPCookie(COOKIE_NAME,
encode(user)).setMaxAge(three_months_as_seconds)
S.addCookie(c)
The encode(user) is, when all is said and done, returning the user PK
as the cookie value.
I'm not using ProtoUser, I'm using the scheme outlined
inhttp://groups.google.com/group/liftweb/msg/85a8e790d5efec26
That is, I have...
object LoginContext {
object userId extends SessionVar[Box[Long]](KeepMeLoggedIn.findUserId)
// etc...
}
...and the findUserId function tries to decode the cookie and find a
matching user:
def findUserId:Box[Long] = for {
cookie - S.findCookie(COOKIE_NAME);
cookie_value - cookie.value;
(id, salt) - decode(cookie_value);
u - User.find(By(User.id, id),By(User.salt,salt))
} yield {
println(u)
id
}
And that's all working for me.
The problem comes when the user clicks the logout link, and I want to
remove this cookie.
The logout link is:
SHtml.link(/logout, LoginContext.logout, spanLogout/span )
... and LoginContext.logout is
KeepMeLoggedIn.removeCookie()
// the above is just: S.deleteCookie(COOKIE_NAME)
userId.remove()
currentUser.remove()
S.request.foreach(_.request.session.terminate)
And for completeness, my /logout page is a redirect to the home page:
Menu(Loc(logout, List(logout) - false, Logout, Hidden, If(
()=false, ()=RedirectResponse(/index)) ))
What I'm seeing is:
- user clicks logout
- logout function called, and Jetty tells me /logout took N
milliseconds to render
- then I'm seeing activity in the findUserId function, a result is
found, and the user is logged back in again.
- then Jetty tells me /index took N milliseconds to render.
When I dig into HTTP headers, I'm not seeing the cookie value being
set in the response header (which I believe is required to remove it).
I'm guessing my confusion is perhaps over how the SHtml.link magic works?
Any suggestions of where I might poke around next?
I'm using 1.1-SNAPSHOT (updated a few hours ago).
Thank you
Richard
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---
