<?php
/**
- * @copyright Copyright (C) 2010-2021, the Friendica project
+ * @copyright Copyright (C) 2010-2022, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
namespace Friendica\Module\Security;
+use Friendica\App;
use Friendica\BaseModule;
+use Friendica\Core\Cache\Capability\ICanCache;
use Friendica\Core\Hook;
+use Friendica\Core\L10n;
+use Friendica\Core\Session\Capability\IHandleUserSessions;
use Friendica\Core\System;
use Friendica\DI;
use Friendica\Model\Profile;
-use Friendica\Security\TwoFactor;
+use Friendica\Model\User\Cookie;
+use Friendica\Module\Response;
+use Friendica\Util\Profiler;
+use Psr\Log\LoggerInterface;
/**
* Logout module
*/
class Logout extends BaseModule
{
+ /** @var ICanCache */
+ protected $cache;
+ /** @var Cookie */
+ protected $cookie;
+ /** @var IHandleUserSessions */
+ protected $session;
+
+ public function __construct(L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Profiler $profiler, Response $response, ICanCache $cache, Cookie $cookie, IHandleUserSessions $session, array $server, array $parameters = [])
+ {
+ parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
+
+ $this->cache = $cache;
+ $this->cookie = $cookie;
+ $this->session = $session;
+ }
+
+
/**
* Process logout requests
*/
- public static function init()
+ protected function rawContent(array $request = [])
{
$visitor_home = null;
- if (remote_user()) {
+ if ($this->session->getRemoteUserId()) {
$visitor_home = Profile::getMyURL();
- DI::cache()->delete('zrlInit:' . $visitor_home);
+ $this->cache->delete('zrlInit:' . $visitor_home);
}
Hook::callAll("logging_out");
- // Remove this trusted browser as it won't be able to be used ever again after the cookie is cleared
- if (DI::cookie()->get('trusted')) {
- $trustedBrowserRepository = new TwoFactor\Repository\TrustedBrowser(DI::dba(), DI::logger());
- $trustedBrowserRepository->removeForUser(local_user(), DI::cookie()->get('trusted'));
+ // If this is a trusted browser, redirect to the 2fa signout page
+ if ($this->cookie->get('2fa_cookie_hash')) {
+ $this->baseUrl->redirect('2fa/signout');
}
- DI::cookie()->clear();
- DI::session()->clear();
+ $this->cookie->clear();
+ $this->session->clear();
if ($visitor_home) {
System::externalRedirect($visitor_home);
} else {
- info(DI::l10n()->t('Logged out.'));
- DI::baseUrl()->redirect();
+ DI::sysmsg()->addInfo($this->t('Logged out.'));
+ $this->baseUrl->redirect();
}
}
}