You are here

function securesite_user_logout in Secure Site 8

Same name and namespace in other branches
  1. 7.2 securesite.module \securesite_user_logout()

Implements hook_user_logout().

File

./securesite.module, line 60
Enables HTTP authentication or an HTML form to restrict site access.

Code

function securesite_user_logout($account) {
  $types = \Drupal::config('securesite.settings')
    ->get('securesite_type');
  if ((in_array(SECURESITE_BASIC, $types) || in_array(SECURESITE_DIGEST, $types)) && !empty($_SESSION['securesite_login'])) {

    // Load the anonymous user.
    \Drupal::currentUser()
      ->setAccount(new AnonymousUserSession());

    // Safari will attempt to use old credentials before requesting new credentials
    // from the user. Logging out requires that the WWW-Authenticate header be sent
    // twice.
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? drupal_strtolower($_SERVER['HTTP_USER_AGENT']) : '';
    if ($user_agent != str_replace('safari', '', $user_agent)) {
      session_set_save_handler('sess_open', 'sess_close', 'sess_read', 'sess_write', 'sess_destroy_sid', 'sess_gc');
      session_start();
      $_SESSION['securesite_repeat'] = TRUE;
    }

    // Clear stored credentials.
    \Drupal::service('securesite.manager')
      ->showDialog(array_pop($types));
  }
}