From ee8791a87bc42570689a74bdf5b4abec1d93344a Mon Sep 17 00:00:00 2001
From: Andrea Lepori <alepori@student.ethz.ch>
Date: Wed, 27 Apr 2022 21:56:26 +0200
Subject: multiuser logout support

---
 accounts/views.py                       | 47 ++++++++++++++++++++++++++++++++-
 templates/registration/base_admin.html  |  3 +--
 templates/registration/base_client.html |  3 +--
 version.txt                             |  2 +-
 4 files changed, 49 insertions(+), 6 deletions(-)

diff --git a/accounts/views.py b/accounts/views.py
index 67e8911..ecaab4a 100644
--- a/accounts/views.py
+++ b/accounts/views.py
@@ -108,6 +108,41 @@ class CustomLoginView(LoginView):
     form_class = AuthForm
     extra_context = {'midata_enabled': MIDATA_ENABLED}
 
+    def get(self, request, *args, **kwargs):
+        # check auto-login is enabled
+        if "autologin" not in request.COOKIES:
+            return super(CustomLoginView, self).get(request, *args, **kwargs)
+
+        if request.COOKIES.get("autologin") != "true":
+            return super(CustomLoginView, self).get(request, *args, **kwargs)
+
+        # check if user has a cookie saved
+        response = HttpResponseRedirect("/")
+
+        sessions = dict()
+        # no cookie
+        if "user_switcher" not in request.COOKIES:
+            return super(CustomLoginView, self).get(request, *args, **kwargs)
+
+        sessions = json.loads(request.COOKIES.get("user_switcher"))
+
+        # empty cookie
+        if len(sessions) == 0: 
+            return super(CustomLoginView, self).get(request, *args, **kwargs)
+
+        # pick the first username to login to
+        username = list(sessions.keys())[0]
+
+        set_session_cookie(response, sessions[username][0], sessions[username][1])
+        del sessions[username]
+
+        set_switch_cookie(response, sessions)
+
+        # disable autologin
+        response.set_cookie("autologin", "false")
+
+        return response
+
 # send to hitobito request to get token
 def oauth_login(request):
     if not MIDATA_ENABLED:
@@ -260,10 +295,11 @@ def user_switcher(request):
             set_switch_cookie(response, sessions)
 
             response.set_cookie("sessionid", "")
+            response.set_cookie("autologin", "false")
 
             return response
 
-        if request.POST["metadata"][0] == 's':
+        elif request.POST["metadata"][0] == 's':
             response = HttpResponseRedirect("/")
             username = request.POST["metadata"][1:]
 
@@ -281,6 +317,15 @@ def user_switcher(request):
 
             set_switch_cookie(response, sessions)
 
+            response.set_cookie("autologin", "false")
+
+            return response
+        elif request.POST["metadata"] == "logout":
+            # send user to logout page
+            # on the login page we check if we have a cookie set
+            response = HttpResponseRedirect("/accounts/logout")
+            response.set_cookie("autologin", "true")
+
             return response
 
     
diff --git a/templates/registration/base_admin.html b/templates/registration/base_admin.html
index c24255b..edc3bae 100644
--- a/templates/registration/base_admin.html
+++ b/templates/registration/base_admin.html
@@ -95,7 +95,7 @@
             <li><a class="modal-trigger" href="#modal_capi"><i class="material-icons">list</i>Lista documenti</a></li>
           {% endif %}
 
-          <li><a href="{% url 'logout' %}"><i class="material-icons">exit_to_app</i>Logout</a></li>
+          <li><a onclick="switcher_submit('logout')"><i class="material-icons">exit_to_app</i>Logout</a></li>
           <li class="divider" tabindex="-1"></li>
           <li class="divider" tabindex="-1"></li>
           <li class="divider" tabindex="-1"></li>
@@ -105,7 +105,6 @@
               <li><a onclick="switcher_submit('s{{username}}')">{{username}}</a></li>
             {% endif %}
           {% endfor %}
-          <li class="divider" tabindex="-1"></li>
           <li><a onclick="switcher_submit('new')"><i class="material-icons">person_add</i>Aggiungi un altro utente</a></li>
           <li class="divider" tabindex="-1"></li>
           <li class="divider" tabindex="-1"></li>
diff --git a/templates/registration/base_client.html b/templates/registration/base_client.html
index c2483b8..c4e62b6 100644
--- a/templates/registration/base_client.html
+++ b/templates/registration/base_client.html
@@ -119,7 +119,7 @@
             <li><a class="modal-trigger" href="#modal_capi"><i class="material-icons">list</i>Lista documenti</a></li>
           {% endif %}
 
-          <li><a href="{% url 'logout' %}"><i class="material-icons">exit_to_app</i>Logout</a></li>
+          <li><a onclick="switcher_submit('logout')"><i class="material-icons">exit_to_app</i>Logout</a></li>
           <li class="divider" tabindex="-1"></li>
           <li class="divider" tabindex="-1"></li>
           <li class="divider" tabindex="-1"></li>
@@ -129,7 +129,6 @@
               <li><a onclick="switcher_submit('s{{username}}')">{{username}}</a></li>
             {% endif %}
           {% endfor %}
-          <li class="divider" tabindex="-1"></li>
           <li><a onclick="switcher_submit('new')"><i class="material-icons">person_add</i>Aggiungi un altro utente</a></li>
           <li class="divider" tabindex="-1"></li>
           <li class="divider" tabindex="-1"></li>
diff --git a/version.txt b/version.txt
index a5da7b2..bd2c9de 100644
--- a/version.txt
+++ b/version.txt
@@ -1,2 +1,2 @@
 version=0.5
-rev=11
+rev=12
-- 
cgit v1.2.1