diff --git a/CHANGELOG b/CHANGELOG index 5ddd8c6f4e09fcd6ca9040e2e1f8b6b705d83b68..1eb8ddc1b403c90693a938fee296419777858e4b 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,8 @@ +minerva (11.0.1) stable; urgency=medium + * Bug fix: logout caused issues with session data + + -- Piotr Gawron <piotr.gawron@uni.lu> Fri, 08 Sep 2017 12:00:00 +0200 + minerva (11.0.0) stable; urgency=medium * Bug fix: security issue - access to specific map can be restricted diff --git a/frontend-js/.idea/frontend-js.iml b/frontend-js/.idea/frontend-js.iml index 24643cc37449b4bde54411a80b8ed61258225e34..69ef67a424b4d72230aac1a2e4ddc77c7a75b52b 100644 --- a/frontend-js/.idea/frontend-js.iml +++ b/frontend-js/.idea/frontend-js.iml @@ -3,6 +3,7 @@ <component name="NewModuleRootManager"> <content url="file://$MODULE_DIR$"> <excludeFolder url="file://$MODULE_DIR$/.tmp" /> + <excludeFolder url="file://$MODULE_DIR$/dist" /> <excludeFolder url="file://$MODULE_DIR$/temp" /> <excludeFolder url="file://$MODULE_DIR$/tmp" /> </content> diff --git a/frontend-js/src/main/js/ServerConnector.js b/frontend-js/src/main/js/ServerConnector.js index 8e87692ac119f866cd3cd88cbddd4783c1dfafba..36f7e29957cdaee875e669cf414dff08611abd30 100644 --- a/frontend-js/src/main/js/ServerConnector.js +++ b/frontend-js/src/main/js/ServerConnector.js @@ -248,15 +248,14 @@ ServerConnector.getToken = function (token) { var self = this; token = self.getSessionData(null).getToken(); - if (token === undefined) { + var login = self.getSessionData(null).getLogin() + if (token === undefined || login === undefined) { return self.login(); } else { // if the project is not initialized then check if we can download data // using current token if (self.getSessionData().getProject() === null) { - return self.getConfiguration({ - token: token - }).then(function () { + return self.getConfiguration().then(function () { return token; }, function () { return self.login(); 
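Review bot: The new guard in getToken treats the session as missing only when `token` or `login` is exactly `undefined`, while the login() hunk in this same file now also treats `""` as no login; if getLogin() can return an empty string or `null` (SessionData is not visible here), a stale token is still handed back to the caller. A falsy test, `if (!token || !login) {`, would cover those cases, and the added `var login = self.getSessionData(null).getLogin()` line is missing its semicolon. The comment `// using current token` no longer matches the call now that getConfiguration() takes no argument; `// using the current session (getConfiguration no longer takes the token)` would describe it. The function's signature is in the hunk header and its body continues past the hunk's last line.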
@@ -376,6 +375,12 @@ ServerConnector.loginUrl = function () { }); }; +ServerConnector.logoutUrl = function () { + return this.getApiUrl({ + type: "/doLogout", + }); +}; + ServerConnector.getSuggestedQueryListUrl = function (queryParams, filterParams) { return this.getApiUrl({ url: this.getBioEntitiesUrl(queryParams) + "suggestedQueryList/", @@ -603,10 +608,7 @@ ServerConnector.getUserUrl = function (queryParams, filterParams) { }); }; -ServerConnector.getConfiguration = function (params) { - if (params === undefined) { - params = {}; - } +ServerConnector.getConfiguration = function () { var self = this; if (this._configuration === undefined) { return self.readFile(self.getConfigurationUrl()).then(function (content) { @@ -947,7 +949,7 @@ ServerConnector.getClosestElementsByCoordinates = function (params) { ServerConnector.login = function (login, password) { var self = this; var params = {}; - if (login !== undefined) { + if (login !== undefined && login !== "") { params.login = login; params.password = password; } else { @@ -970,7 +972,7 @@ ServerConnector.logout = function () { var self = this; self.getSessionData().setToken(undefined); self.getSessionData().setLogin(undefined); - return Promise.resolve(); + return self.readFile(self.logoutUrl()); }; ServerConnector.getElementsByQuery = function (params) { diff --git a/frontend-js/testFiles/apiCalls/doLogout b/frontend-js/testFiles/apiCalls/doLogout new file mode 100644 index 0000000000000000000000000000000000000000..1a36cf5fc27a0920a9f3668225f9d7aec239566e --- /dev/null +++ b/frontend-js/testFiles/apiCalls/doLogout @@ -0,0 +1 @@ +{"status":"ok"} \ No newline at end of file diff --git a/persist/src/db/11.0.1/fix_db_20170908.sql b/persist/src/db/11.0.1/fix_db_20170908.sql new file mode 100644 index 0000000000000000000000000000000000000000..a33b6ad89d4881c84fb355b8c56d309760e66b70 --- /dev/null +++ b/persist/src/db/11.0.1/fix_db_20170908.sql @@ -0,0 +1 @@ +-- empty file to force directory to be commited to git repo 
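Review bot: With the added `login !== ""` test in ServerConnector.login, an empty login is routed to the `else` branch together with a missing one, and any password passed alongside it is dropped without an error; `null` is still sent to the server as a real login. The body of that `else` branch lies outside the hunk, so whether this ends in a guest session cannot be confirmed from here. A comment on the condition would make the intent explicit, for example `// an empty login is treated like a missing one; the password is ignored in that case`.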
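Review bot: logout() clears the token and login from the session data before it sends the `/doLogout` request, but the server handler changed in this commit requires the `Configuration.AUTH_TOKEN` cookie. If SessionData keeps the token in that cookie (not visible here), the request goes out without it, the call is rejected, and the server-side session is never invalidated. Sending the request first and clearing local state afterwards, on success and on failure, avoids that and still leaves the browser logged out when the server cannot be reached. The function's signature is in the hunk header, so its start lies outside the hunk.

```javascript
// … unchanged: var self = this; …
var clearSession = function () {
  self.getSessionData().setToken(undefined);
  self.getSessionData().setLogin(undefined);
};
// call the server while the auth cookie is still present, then clear local state either way
return self.readFile(self.logoutUrl()).then(function (result) {
  clearSession();
  return result;
}, function (error) {
  clearSession();
  return Promise.reject(error);
});
```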
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java b/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java index a7b6b76983ee2adc818f58b8529eacd1e123fac5..d85484790e2f2380db8344c9dd8418d38ae340f2 100644 --- a/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java +++ b/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java @@ -78,11 +78,27 @@ public class UserController extends BaseController { } @RequestMapping(value = "/doLogout", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE }) - public Map<String, String> logout(@CookieValue(value = Configuration.AUTH_TOKEN) String token) throws SecurityException { + public Map<String, String> logout(@CookieValue(value = Configuration.AUTH_TOKEN) String token, + HttpServletResponse response // + ) throws SecurityException, IOException { userService.logout(token); - Map<String, String> response = new HashMap<>(); - response.put("status", "OK"); - return response; + Map<String, String> result = new HashMap<>(); + result.put("status", "OK"); + + final Boolean useSecureCookie = false; + final String cookiePath = "/"; + + Cookie cookie = new Cookie("MINERVA_AUTH_TOKEN", token); + + cookie.setSecure(useSecureCookie); + cookie.setMaxAge(0); + cookie.setPath(cookiePath); + + response.addCookie(cookie); + response.getWriter().write("{\"status\":\"OK\"}"); + response.getWriter().flush(); + response.getWriter().close(); + return result; } /**
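Review bot: The new logout body writes `{"status":"OK"}` to `response.getWriter()`, flushes and closes it, and then still returns `result` for Spring to serialise, so the response body is produced twice; depending on the message converter in use, the second write is likely to fail on an already committed response. I would drop the three `response.getWriter()` calls, and with them the added `IOException`, keeping only `response.addCookie(cookie);` before `return result;`. The expiry cookie also hard-codes its name and echoes the session token back to the client: `Cookie cookie = new Cookie(Configuration.AUTH_TOKEN, "");` reuses the constant that the `@CookieValue` binding reads and sends no token value. The path `/` has to match the path used when the cookie is set at login, which is not visible in this hunk, otherwise the browser keeps the original cookie; the hard-coded `useSecureCookie = false` deserves a comment saying why it is not derived from the deployment.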