starred/cypht

Fork 0

mirror of https://github.com/cypht-org/cypht.git synced 2026-04-25 04:56:03 +03:00

[GH-ISSUE #263] Session not removed from storage on logout when using API #225

New issue

Closed

opened 2026-02-25 21:34:29 +03:00 by kerem · 10 comments

kerem commented

2026-02-25 21:34:29 +03:00

Owner

Originally created by @Yamakasi on GitHub (Feb 10, 2018).
Original GitHub issue: https://github.com/cypht-org/cypht/issues/263

Originally assigned to: @jasonmunro on GitHub.

When you logout using the API the session is not removed from the session storage backend.

We need to call:

$session->destroy();

from the set sessionhandler

https://github.com/jasonmunro/cypht/blob/master/modules/api_login/api.php#L48

The issue that raises here is that $this->session_key is empty when using the API on logout. So we need to grab it from the still existing cookie again ?

We can let the $session->delete_cookie() on

https://github.com/jasonmunro/cypht/blob/master/modules/api_login/api.php#L51-L52

still exist to make sure the cookie is removed but let this also be managed by the destroy() functions in the session backends.

Better be safe then sorry and check if the cookie still exist before fire ?:

https://github.com/jasonmunro/cypht/blob/master/modules/api_login/api.php#L51-L52

Originally created by @Yamakasi on GitHub (Feb 10, 2018). Original GitHub issue: https://github.com/cypht-org/cypht/issues/263 Originally assigned to: @jasonmunro on GitHub. When you logout using the API the session is not removed from the session storage backend. We need to call: ``` $session->destroy(); ``` from the set sessionhandler https://github.com/jasonmunro/cypht/blob/master/modules/api_login/api.php#L48 The issue that raises here is that $this->session_key is empty when using the API on logout. So we need to grab it from the still existing cookie again ? We can let the $session->delete_cookie() on https://github.com/jasonmunro/cypht/blob/master/modules/api_login/api.php#L51-L52 still exist to make sure the cookie is removed but let this also be managed by the destroy() functions in the session backends. Better be safe then sorry and check if the cookie still exist before fire ?: https://github.com/jasonmunro/cypht/blob/master/modules/api_login/api.php#L51-L52

kerem

2026-02-25 21:34:29 +03:00

closed this issue
added the
bug

api_login
labels

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@jasonmunro commented on GitHub (Feb 13, 2018):

I will check it out, my initial thought is that it's a bug/oversight of the api login module set. thanks for the feedback.

@jasonmunro commented on GitHub (Feb 13, 2018): I will check it out, my initial thought is that it's a bug/oversight of the api login module set. thanks for the feedback.

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@jasonmunro commented on GitHub (Feb 22, 2018):

I don't have a way to test this right now, but this change should fix this:
github.com/jasonmunro/cypht@ae259d77da

@jasonmunro commented on GitHub (Feb 22, 2018): I don't have a way to test this right now, but this change should fix this: https://github.com/jasonmunro/cypht/commit/ae259d77da082f02fcbc0bfbdcd9addce8a19711

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@Yamakasi commented on GitHub (Feb 25, 2018):

Yes good idea but this still gives an empty $this->session_key in the destroy function as far as I can see.

@Yamakasi commented on GitHub (Feb 25, 2018): Yes good idea but this still gives an empty $this->session_key in the destroy function as far as I can see.

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@Yamakasi commented on GitHub (Mar 7, 2018):

Any update on this ?

@Yamakasi commented on GitHub (Mar 7, 2018): Any update on this ?

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@jasonmunro commented on GitHub (Mar 13, 2018):

sorry, not yet. I will check ti out!

@jasonmunro commented on GitHub (Mar 13, 2018): sorry, not yet. I will check ti out!

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@Yamakasi commented on GitHub (Apr 2, 2018):

Do you need to have some extra investigation about this or do you need to go deeper into your code for this ?

@Yamakasi commented on GitHub (Apr 2, 2018): Do you need to have some extra investigation about this or do you need to go deeper into your code for this ?

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@jasonmunro commented on GitHub (Apr 12, 2018):

Sorry, just super busy with work. I promise this is at the top of my Cypht todo list!

@jasonmunro commented on GitHub (Apr 12, 2018): Sorry, just super busy with work. I promise this is at the top of my Cypht todo list!

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@jasonmunro commented on GitHub (Apr 15, 2018):

@Yamakasi Just pushed a fix that works here - please pull the latest git and let me know!

@jasonmunro commented on GitHub (Apr 15, 2018): @Yamakasi Just pushed a fix that works here - please pull the latest git and let me know!

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@Yamakasi commented on GitHub (Apr 15, 2018):

Thanks! I will test it out tomorrow (today actualy) I was busy as well so no worries! Thanks, let you know!

@Yamakasi commented on GitHub (Apr 15, 2018): Thanks! I will test it out tomorrow (today actualy) I was busy as well so no worries! Thanks, let you know!

kerem commented

2026-02-25 21:34:29 +03:00

Author

Owner

@jasonmunro commented on GitHub (Jun 6, 2018):

I believe this is fixed so I'm closing this issue. @Yamakasi if it's not fixed for you when you get to test it out, please re-open this.

@jasonmunro commented on GitHub (Jun 6, 2018): I believe this is fixed so I'm closing this issue. @Yamakasi if it's not fixed for you when you get to test it out, please re-open this.