Jump to content

Log out link


CA3LE

Recommended Posts

Posted

I need to make a logout link...

I see in IPS4 the csrfKey added to the query string
logout/?csrfKey=84cdb6ae2e156b212c1ae94cf921e555
Without this...
"The CSRF protection key did not match."

How can I either disable this CSRF match or get the CSRF variable (csrfKey) into my application so I can add it to the query string?  I just want a "Logout" button outside of IPS. 

Posted

That's the csrfKey definition:

	/**
	 * Init
	 *
	 * @return	void
	 */
	public function init()
	{
		/* Set ID */
		$this->id = session_id();

		/* Crate csrf key */
		$this->csrfKey = md5( "{$this->member->email}&{$this->member->member_login_key}& " . ( $this->member->member_id ? $this->member->joined->getTimestamp() : 0 ) . '&' . $this->id );

system\Session\Session.php.

Posted

Nevermind... I can do it through ipsconnect.

https://community.invisionpower.com/4docs/advanced-usage/development/ips-connect-r99/

Method: logout

API calls to the logout method are designed to log the user out of the master application as well as all of the slave installations.

GET parameters:

  • returnTo: The URL to return the user to once they have been logged out
  • id: The member's unique integer ID on the master installation

NOTE:

Much like the crossLogin method, the logout method should redirect the user to all slave applications to log the user out and then log the user out of the master application before returning the user to the originating installation.  slaveCall is passed in the URL when the master calls slave applications to differentiate requests between master and slave applications.

Response status codes: None, the user will be redirected to the returnTo URL

Response parameters: None

 

... I'd think in a support community someone could have helped me with this information days ago instead of criticizing that I posted twice.  

Posted
11 hours ago, Adriano Faria said:

That's the csrfKey definition:


	/**
	 * Init
	 *
	 * @return	void
	 */
	public function init()
	{
		/* Set ID */
		$this->id = session_id();

		/* Crate csrf key */
		$this->csrfKey = md5( "{$this->member->email}&{$this->member->member_login_key}& " . ( $this->member->member_id ? $this->member->joined->getTimestamp() : 0 ) . '&' . $this->id );

system\Session\Session.php.

Our posts must have collided (posted at the same time).

EFF YEAH!  Thanks!  Knowing that makes it much easier for me... knowing that it's just a hash of that information REALLY helps.  Now I don't have to deal with working through ipsconnect.

thank you, thank you, thank you!

The comments say "Crate csrf key" -- they meant "Create"... right?  Maybe you found a misspelling there... I dunno, maybe they do mean crate, you could call putting all those variables together 'crating' I guess.

... 2 minutes later ...

I already have it implemented on my site.  Thanks again, that was exactly what I needed!

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...