Change: set cookie path, add logout (delete cookie)HEADmaster

2 files changed, 11 insertions, 3 deletions

diff --git a/ickweb/app.py b/ickweb/app.py
index d8a79ae..f7ba7b7 100644
--- a/ickweb/app.py
+++ b/ickweb/app.py
@@ -2,6 +2,7 @@ import json
 import logging
 import logging.handlers
 import urllib
+import urllib.parse
 
 import bottle
 import requests
@@ -19,6 +20,9 @@ def create_app(our_url, controller, client_secret):
     app = bottle.Bottle()
     api = API(controller)
 
+    parts = urllib.parse.urlparse(our_url)
+    cookie_path = parts.path
+
     @app.route('/favicon.ico')
     def favicon():
         raise bottle.HTTPError(status=404)
@@ -79,6 +83,11 @@ def create_app(our_url, controller, client_secret):
         print('params:', params)
         return bottle.HTTPResponse(status=302, headers=headers)
 
+    @app.route('/web/logout')
+    def logout():
+        bottle.response.delete_cookie(COOKIE, path=cookie_path)
+        bottle.redirect('/web')
+
     @app.route('/web/projects')
     def projects():
         projects = api.get_projects()
@@ -123,7 +132,7 @@ def create_app(our_url, controller, client_secret):
         token = obj['access_token']
         print('got access token:', token)
 
-        bottle.response.set_cookie(COOKIE, token)
+        bottle.response.set_cookie(COOKIE, token, path=cookie_path)
         bottle.redirect('/web')
 
     return app
diff --git a/views/index.tpl b/views/index.tpl
index 52c2919..7e482a9 100644
--- a/views/index.tpl
+++ b/views/index.tpl
@@ -7,8 +7,7 @@
         <title>Ick</title>
     </head>
     <body>
-      <p>You ARE logged in. Well done!</p>
-      <p>Token is <code>{{ token }}</code></p>
+      <p>You ARE logged in. Well done! <a href="/web/logout">Logout</a></p>
       <p><a href="/web/projects">Projects</p>
       <p><a href="/web/builds">Builds</p>
     </body>