[Twisted-web] Re: /__logout__ doesn't expire the session

[Andrea Arcangeli]

On Fri, Jan 14, 2005 at 11:26:30AM -0500, Alex Levy wrote:
> Yes, you're right; good call. I'd forgotten about that part.
> 
> So, I've attached an example that should allow you to define code that 
> runs on logout, and also has full access to the session. I've tested it 
> (briefly), so if anyone has any better ideas, they are more than welcome 
> to share.
> 
> Andrea, this should address your needs. Does anyone else think we should 
> make this (or, better yet, a cleaned-up version of it) part of the Nevow 
> examples?

Yes I see how the mind works now, there was code in nevow just for this
purpose! So at least the expiry part I can definitely do it in the
logout callback and you can obsolete my proposed patch (unless you feel
safer to apply it and to let special aware users not to do the forced
expiry by passing a variable when creating the sessionwrapper).

However to do everything in the logout callback I need the ctx too, not
only the session (then I could drop an intermediate redirecting page).

I'll try to find a way to move from request to ctx (they're an 1:1
mapping, going from ctx to request is easy with inevow.IRequest, I'm
just not sure about the reverse... ;).

Many thanks!