Feature #43575
AuthenticationManager logout should destroy session explicitly
| Status: | Resolved | Start date: | 2012-12-04 | |
|---|---|---|---|---|
| Priority: | Should have | Due date: | ||
| Assigned To: | Christopher Hlubek | % Done: | 100% |
|
| Category: | - | |||
| Target version: | - | |||
| PHP Version: | Complexity: | |||
| Has patch: | No |
Description
The session is currently destroyed through a signal emitted on logout (loggedOut). The AuthenticationManager should check if the session is started at all and should allow signal receivers to inspect the session before destroying it.
Associated revisions
[FEATURE] Destroy session explicitly in logout
This change moves the call to Session->destroy() from a signal
to the AuthenticationProviderManager that already has the current
session as a dependency.
The "emitLoggedOut" signal is emitted before the session is
destroyed to allow other slots to inspect the session.
Change-Id: I7f70f930b6060c3ad031ae4278d264681b812036
Releases: 1.2
Resolves: #43575
History
#1 Updated by Gerrit Code Review over 2 years ago
- Status changed from New to Under Review
Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/16948
#2 Updated by Christopher Hlubek over 2 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 15e1aa055fa153e13d57cd181a63f908f2f5525b.