[Lift] Re: Cookie not being removed for custom user logout
I just did a little test: 1. When redering page1 I'm setting a cookie. I'm also rendering a link like: SHtml.link(/page2, () = { S.deleteCookie(marius) }, Text(Got to /page1 and remove cookie)) 2. When I click the link page2 is rendered and in the HTTP header I am seeing the cookie being sent down to browser with no value and the expires is (1-1-1970 ). Which is correct. Br's, Marius On Aug 15, 1:30 pm, Richard Dallaway dalla...@gmail.com wrote: Thank you for the debugging clue (very handy function; I can see myself using that in other situations). What I see when the logout link is followed is: List() When I set the cookie originally, I do see a List(HTTPCookie(...)) I'm running all of this on 127.0.0.1:8080. Thanks Richard On Sat, Aug 15, 2009 at 8:37 AM, marius d.marius.dan...@gmail.com wrote: Your code looks fine to me. There is notmagic withXHtml.link just that when you click the link on server-side your function gets called before the /logout page gets rendered. Can you add a function to LiftRules.onEndServicing ? LiftRules.onEndServicing.append { case (req, Full(resp)) = val cookies = resp.toResponse.cookies // trace the cookies case _ = } Br's, Marius On Aug 14, 8:20 pm, Richard Dallaway dalla...@gmail.com wrote: I'm seeing some odd behaviour with a cookie I'm setting not being removed. I'm unsure which phase of my code is broken or how deep my misunderstandings are here... so I'm looking for some clues. I'm setting a keep me logged in cookie for users of my application. That works fine using... val c = HTTPCookie(COOKIE_NAME, encode(user)).setMaxAge(three_months_as_seconds) S.addCookie(c) The encode(user) is, when all is said and done, returning the user PK as the cookie value. I'm not using ProtoUser, I'm using the scheme outlined inhttp://groups.google.com/group/liftweb/msg/85a8e790d5efec26 That is, I have... object LoginContext { object userId extends SessionVar[Box[Long]](KeepMeLoggedIn.findUserId) // etc... } ...and the findUserId function tries to decode the cookie and find a matching user: def findUserId:Box[Long] = for { cookie - S.findCookie(COOKIE_NAME); cookie_value - cookie.value; (id, salt) - decode(cookie_value); u - User.find(By(User.id, id),By(User.salt,salt)) } yield { println(u) id } And that's all working for me. The problem comes when the user clicks the logout link, and I want to remove this cookie. The logout link is: SHtml.link(/logout, LoginContext.logout, spanLogout/span ) ... and LoginContext.logout is KeepMeLoggedIn.removeCookie() // the above is just: S.deleteCookie(COOKIE_NAME) userId.remove() currentUser.remove() S.request.foreach(_.request.session.terminate) And for completeness, my /logout page is a redirect to the home page: Menu(Loc(logout, List(logout) - false, Logout, Hidden, If( ()=false, ()=RedirectResponse(/index)) )) What I'm seeing is: - user clicks logout - logout function called, and Jetty tells me /logout took N milliseconds to render - then I'm seeing activity in the findUserId function, a result is found, and the user is logged back in again. - then Jetty tells me /index took N milliseconds to render. When I dig into HTTP headers, I'm not seeing the cookie value being set in the response header (which I believe is required to remove it). I'm guessing my confusion is perhaps over how the SHtml.link magic works? Any suggestions of where I might poke around next? I'm using 1.1-SNAPSHOT (updated a few hours ago). Thank you Richard --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Cookie not being removed for custom user logout
Your code looks fine to me. There is notmagic withXHtml.link just that when you click the link on server-side your function gets called before the /logout page gets rendered. Can you add a function to LiftRules.onEndServicing ? LiftRules.onEndServicing.append { case (req, Full(resp)) = val cookies = resp.toResponse.cookies // trace the cookies case _ = } Br's, Marius On Aug 14, 8:20 pm, Richard Dallaway dalla...@gmail.com wrote: I'm seeing some odd behaviour with a cookie I'm setting not being removed. I'm unsure which phase of my code is broken or how deep my misunderstandings are here... so I'm looking for some clues. I'm setting a keep me logged in cookie for users of my application. That works fine using... val c = HTTPCookie(COOKIE_NAME, encode(user)).setMaxAge(three_months_as_seconds) S.addCookie(c) The encode(user) is, when all is said and done, returning the user PK as the cookie value. I'm not using ProtoUser, I'm using the scheme outlined inhttp://groups.google.com/group/liftweb/msg/85a8e790d5efec26 That is, I have... object LoginContext { object userId extends SessionVar[Box[Long]](KeepMeLoggedIn.findUserId) // etc... } ...and the findUserId function tries to decode the cookie and find a matching user: def findUserId:Box[Long] = for { cookie - S.findCookie(COOKIE_NAME); cookie_value - cookie.value; (id, salt) - decode(cookie_value); u - User.find(By(User.id, id),By(User.salt,salt)) } yield { println(u) id } And that's all working for me. The problem comes when the user clicks the logout link, and I want to remove this cookie. The logout link is: SHtml.link(/logout, LoginContext.logout, spanLogout/span ) ... and LoginContext.logout is KeepMeLoggedIn.removeCookie() // the above is just: S.deleteCookie(COOKIE_NAME) userId.remove() currentUser.remove() S.request.foreach(_.request.session.terminate) And for completeness, my /logout page is a redirect to the home page: Menu(Loc(logout, List(logout) - false, Logout, Hidden, If( ()=false, ()=RedirectResponse(/index)) )) What I'm seeing is: - user clicks logout - logout function called, and Jetty tells me /logout took N milliseconds to render - then I'm seeing activity in the findUserId function, a result is found, and the user is logged back in again. - then Jetty tells me /index took N milliseconds to render. When I dig into HTTP headers, I'm not seeing the cookie value being set in the response header (which I believe is required to remove it). I'm guessing my confusion is perhaps over how the SHtml.link magic works? Any suggestions of where I might poke around next? I'm using 1.1-SNAPSHOT (updated a few hours ago). Thank you Richard --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Cookie not being removed for custom user logout
Thank you for the debugging clue (very handy function; I can see myself using that in other situations). What I see when the logout link is followed is: List() When I set the cookie originally, I do see a List(HTTPCookie(...)) I'm running all of this on 127.0.0.1:8080. Thanks Richard On Sat, Aug 15, 2009 at 8:37 AM, marius d.marius.dan...@gmail.com wrote: Your code looks fine to me. There is notmagic withXHtml.link just that when you click the link on server-side your function gets called before the /logout page gets rendered. Can you add a function to LiftRules.onEndServicing ? LiftRules.onEndServicing.append { case (req, Full(resp)) = val cookies = resp.toResponse.cookies // trace the cookies case _ = } Br's, Marius On Aug 14, 8:20 pm, Richard Dallaway dalla...@gmail.com wrote: I'm seeing some odd behaviour with a cookie I'm setting not being removed. I'm unsure which phase of my code is broken or how deep my misunderstandings are here... so I'm looking for some clues. I'm setting a keep me logged in cookie for users of my application. That works fine using... val c = HTTPCookie(COOKIE_NAME, encode(user)).setMaxAge(three_months_as_seconds) S.addCookie(c) The encode(user) is, when all is said and done, returning the user PK as the cookie value. I'm not using ProtoUser, I'm using the scheme outlined inhttp://groups.google.com/group/liftweb/msg/85a8e790d5efec26 That is, I have... object LoginContext { object userId extends SessionVar[Box[Long]](KeepMeLoggedIn.findUserId) // etc... } ...and the findUserId function tries to decode the cookie and find a matching user: def findUserId:Box[Long] = for { cookie - S.findCookie(COOKIE_NAME); cookie_value - cookie.value; (id, salt) - decode(cookie_value); u - User.find(By(User.id, id),By(User.salt,salt)) } yield { println(u) id } And that's all working for me. The problem comes when the user clicks the logout link, and I want to remove this cookie. The logout link is: SHtml.link(/logout, LoginContext.logout, spanLogout/span ) ... and LoginContext.logout is KeepMeLoggedIn.removeCookie() // the above is just: S.deleteCookie(COOKIE_NAME) userId.remove() currentUser.remove() S.request.foreach(_.request.session.terminate) And for completeness, my /logout page is a redirect to the home page: Menu(Loc(logout, List(logout) - false, Logout, Hidden, If( ()=false, ()=RedirectResponse(/index)) )) What I'm seeing is: - user clicks logout - logout function called, and Jetty tells me /logout took N milliseconds to render - then I'm seeing activity in the findUserId function, a result is found, and the user is logged back in again. - then Jetty tells me /index took N milliseconds to render. When I dig into HTTP headers, I'm not seeing the cookie value being set in the response header (which I believe is required to remove it). I'm guessing my confusion is perhaps over how the SHtml.link magic works? Any suggestions of where I might poke around next? I'm using 1.1-SNAPSHOT (updated a few hours ago). Thank you Richard --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Cookie not being removed for custom user logout
I've made some progress with this. By changing my link to go to a different page, I do see the cookie being removed. So by going from... SHtml.link(/logout, LoginContext.logout, spanLogout/span ) to SHtml.link(/blank, LoginContext.logout, spanLogout/span ) It works: the cookie is deleted when the user clicks the logout link. The menu items are now: Menu(Loc(logout, List(logout) - false, Logout, Hidden, If( ()=false, ()=RedirectResponse(/blank)) )) :: Menu(Loc(blank, List(blank) - false, Blank, Hidden )) :: ...and blank is blank.html which contains pThis page intentionally blank./p The reason for the RedirectResponse is to (eventually) send the user to the /index (home page)... but I send them to blank.html at the moment while I'm working through this issue. I'll go read up on RedirectResponse ... Cheers Richard On Sat, Aug 15, 2009 at 11:30 AM, Richard Dallawaydalla...@gmail.com wrote: Thank you for the debugging clue (very handy function; I can see myself using that in other situations). What I see when the logout link is followed is: List() When I set the cookie originally, I do see a List(HTTPCookie(...)) I'm running all of this on 127.0.0.1:8080. Thanks Richard On Sat, Aug 15, 2009 at 8:37 AM, marius d.marius.dan...@gmail.com wrote: Your code looks fine to me. There is notmagic withXHtml.link just that when you click the link on server-side your function gets called before the /logout page gets rendered. Can you add a function to LiftRules.onEndServicing ? LiftRules.onEndServicing.append { case (req, Full(resp)) = val cookies = resp.toResponse.cookies // trace the cookies case _ = } Br's, Marius On Aug 14, 8:20 pm, Richard Dallaway dalla...@gmail.com wrote: I'm seeing some odd behaviour with a cookie I'm setting not being removed. I'm unsure which phase of my code is broken or how deep my misunderstandings are here... so I'm looking for some clues. I'm setting a keep me logged in cookie for users of my application. That works fine using... val c = HTTPCookie(COOKIE_NAME, encode(user)).setMaxAge(three_months_as_seconds) S.addCookie(c) The encode(user) is, when all is said and done, returning the user PK as the cookie value. I'm not using ProtoUser, I'm using the scheme outlined inhttp://groups.google.com/group/liftweb/msg/85a8e790d5efec26 That is, I have... object LoginContext { object userId extends SessionVar[Box[Long]](KeepMeLoggedIn.findUserId) // etc... } ...and the findUserId function tries to decode the cookie and find a matching user: def findUserId:Box[Long] = for { cookie - S.findCookie(COOKIE_NAME); cookie_value - cookie.value; (id, salt) - decode(cookie_value); u - User.find(By(User.id, id),By(User.salt,salt)) } yield { println(u) id } And that's all working for me. The problem comes when the user clicks the logout link, and I want to remove this cookie. The logout link is: SHtml.link(/logout, LoginContext.logout, spanLogout/span ) ... and LoginContext.logout is KeepMeLoggedIn.removeCookie() // the above is just: S.deleteCookie(COOKIE_NAME) userId.remove() currentUser.remove() S.request.foreach(_.request.session.terminate) And for completeness, my /logout page is a redirect to the home page: Menu(Loc(logout, List(logout) - false, Logout, Hidden, If( ()=false, ()=RedirectResponse(/index)) )) What I'm seeing is: - user clicks logout - logout function called, and Jetty tells me /logout took N milliseconds to render - then I'm seeing activity in the findUserId function, a result is found, and the user is logged back in again. - then Jetty tells me /index took N milliseconds to render. When I dig into HTTP headers, I'm not seeing the cookie value being set in the response header (which I believe is required to remove it). I'm guessing my confusion is perhaps over how the SHtml.link magic works? Any suggestions of where I might poke around next? I'm using 1.1-SNAPSHOT (updated a few hours ago). Thank you Richard --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---