From 56c9bde6cda3b6c00a25478c2926a8aa7da0f96e Mon Sep 17 00:00:00 2001
From: Julian Rother <julianr@fsmpi.rwth-aachen.de>
Date: Thu, 25 Aug 2016 22:29:46 +0200
Subject: [PATCH] Fixed login

---
 server.py           | 17 ++++++++++++++---
 templates/base.html |  4 ++--
 2 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/server.py b/server.py
index 816cca7..53c9f27 100755
--- a/server.py
+++ b/server.py
@@ -155,9 +155,20 @@ def course():
 @app.route('/login', methods=['POST'])
 def login():
 	user, groups = ldapauth(request.form.get('user'), request.form.get('password'))
-	if user and 'user' in groups:
-		session.user = user
-	return redirect(request.form.get('ref'))
+	if user and 'users' in groups:
+		session['user'] = user
+	if 'ref' in request.values:
+		return redirect(request.values['ref'])
+	else:
+		return redirect(url_for('index'))
+
+@app.route('/logout')
+def logout():
+	session.pop('user')
+	if 'ref' in request.values:
+		return redirect(request.values['ref'])
+	else:
+		return redirect(url_for('index'))
 
 if __name__ == '__main__':
 	app.run()
diff --git a/templates/base.html b/templates/base.html
index 2c1cfb9..5133bca 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -56,7 +56,7 @@
 									</li>
 									{% endfor %}
 									<li class="navbar-right">
-										{% if not session.userid is defined %}
+										{% if not session.user is defined %}
 										<a id="loginpopover" data-container="body" data-toggle="popover" data-placement="bottom"> 
 											<span class="glyphicon glyphicon-log-in"></span>
 										</a>
@@ -70,7 +70,7 @@
 											)
 										</script>
 										{% else %}
-										<a herf="/logout">
+										<a href="/logout?ref={{ request.url|urlencode }}">
 											<span class="glyphicon glyphicon-log-out"></span>
 										</a>
 										{% endif %}
-- 
GitLab