Odd problem with custom login/logout plugin


(Keith Newton) #1

I have a plugin that handles custom login/logout for a discourse site running on a subdomain:

Discourse.logout = function ()
{
	Discourse.User.logout().then(function ()
	{
		// Reloading will refresh unbound properties
		Discourse.KeyValueStore.abandonLocal();
		// delete the subdomain version of the cookie so that it doesn't override our root domain cookie
		document.cookie = '_t=; expires=Thu, 01 Jan 1970 00:00:01 GMT;';
		window.location.replace("https://mysite.com/Account/Logout?redirect=" + window.location.protocol + "//" + window.location.hostname);
	});
};

Discourse.ApplicationRoute = Em.Route.extend({
  events: {
    showLogin: function() {
	window.location.href = "https://mysite.com?dialog=" + JSON.stringify({ Name: "Login", Arguments: { Redirect: window.location.protocol + "//" + window.location.hostname } });
    }
  }
});

On the root site (https://mysite.com) it writes the underscore t auth token cookie with the domain .mysite.com and then redirects back to the forums (http://forums.mysite.com). If this is the first time logging in there’s no problem. If I log out and then log back in on the root site discourse will not show the user as logged in after the redirect even though the proper underscore t auth token cookie has been written. If I immediately hit the refresh button a few times discourse will still not show the user as logged in. If I wait ~30 seconds to a minute and then hit refresh all of the sudden the user is logged in. Any help would be greatly appreciated!


(Keith Newton) #2

Ok I managed to fix this. I figured the issue had something to do with caching but I wasn’t sure where the caching was occuring until I noticed that my browser was caching the entire request. I was able to workaround it thanks to stackoverflow by adding an unused parameter to the redirect:

Discourse.ApplicationRoute.reopen({
	actions:
	{
		showLogin: function()
		{
			// NOTE: We add a bogus parameter 'invalidatecache' to make sure that when the page is reloaded we don't pull the page from the cache
			window.location.href = "https://mysite.com?dialog=" + JSON.stringify({ Name: "Login", Arguments: { Redirect: window.location.protocol + "//" + window.location.hostname  + "?invalidatecache=" + Math.floor(Math.random() * 100000) } });
		}
	}
});

(CJ) #3

@corillian Does this fix still work for recent versions of Discourse? Versions 1.2 and 1.3beta1?

Would you mind open-sourcing your plugin? I have a similar plugin I’ve been working on here “discourse-login-redirect” and I’ve run into the same issue with subdomains and the _t and I’ve been trying your solution.