Opened 4 years ago
Closed 4 years ago
#1486042 closed Feature Requests (fixed)
Add logout_after plugin hook
| Reported by: | alexli | Owned by: | |
|---|---|---|---|
| Priority: | 5 | Milestone: | 0.3-stable |
| Component: | Plugin API | Version: | git-master |
| Severity: | normal | Keywords: | |
| Cc: | li@… |
Description
I'd like to suggest adding a logout_after plugin hook that allows plugins to perform custom actions during logout, similar to how the login_after hook allows plugins to change the redirection url following login. Applications of this hook include single sign-on plugin such as the one that I'm writing, where the user should be logged out of the SSO server while the user is logging out of RoundCube.
Attachments (1)
Change History (6)
Changed 4 years ago by alexli
comment:1 follow-up: ↓ 2 Changed 4 years ago by rosali
IMO you could use the kill_session hook.
comment:2 in reply to: ↑ 1 ; follow-up: ↓ 3 Changed 4 years ago by alexli
Replying to rosali:
IMO you could use the kill_session hook.
That won't work actually, because kill_session is called in several places other than logout. For example it is called during login, so if a line is added to log out of the SSO system to the kill_session hook it won't be possible to log into RoundCube using the SSO system. I think using the kill_session hook could work if an argument specifying the current task is added to the hook so the plugin could test whether the task is the logout task, but I think it is more straightforward to just add a hook that will only be called when the user chooses to log out explicitly.
comment:3 in reply to: ↑ 2 ; follow-up: ↓ 4 Changed 4 years ago by rosali
Replying to alexli:
Replying to rosali:
IMO you could use the kill_session hook.
That won't work actually, because kill_session is called in several places other than logout. For example it is called during login, so if a line is added to log out of the SSO system to the kill_session hook it won't be possible to log into RoundCube using the SSO system. I think using the kill_session hook could work if an argument specifying the current task is added to the hook so the plugin could test whether the task is the logout task, but I think it is more straightforward to just add a hook that will only be called when the user chooses to log out explicitly.
You could use $_GET_task? == 'logout' perhaps rcmail::get_instance->task == 'logout' (can't test at the moment) in the plugin.
comment:4 in reply to: ↑ 3 Changed 4 years ago by alexli
Replying to rosali:
Replying to alexli:
Replying to rosali:
IMO you could use the kill_session hook.
That won't work actually, because kill_session is called in several places other than logout. For example it is called during login, so if a line is added to log out of the SSO system to the kill_session hook it won't be possible to log into RoundCube using the SSO system. I think using the kill_session hook could work if an argument specifying the current task is added to the hook so the plugin could test whether the task is the logout task, but I think it is more straightforward to just add a hook that will only be called when the user chooses to log out explicitly.
You could use $_GET_task? == 'logout' perhaps rcmail::get_instance->task == 'logout' (can't test at the moment) in the plugin.
There's another problem with that. With my SSO plugin the plugin needs to redirect to the SSO service's logout URL when the client requests logout. Since the kill_session hook is implemented at the beginning of the kill_session() function, the rest of that function won't be executed if this redirection occurs in the plugin. So the plugin would need to duplicate that code before redirecting to the SSO service, which is less than desirable.
comment:5 Changed 4 years ago by thomasb
- Resolution set to fixed
- Status changed from new to closed
OK, these are enough arguments :-)
Added in [d0026078]
A simple implementation of the plugin hook.