Avoid setting duplicate cookies

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
author: Jo-Philipp Wich <jow@openwrt.org> 2015-02-09 16:30:11 +0100
committer: Jo-Philipp Wich <jow@openwrt.org> 2015-02-09 16:30:11 +0100
commit: ec1a86977b1dc5cfc1c24ab1d54205531404087b (patch)
tree: 27376bfcec7d3fda1e935c6b9bdb7921be15c8dc /modules/luci-mod-admin-full/luasrc/controller
parent: ec90cd69ed80ea4dfe8a9d44a42b155470c47b6b (diff)
1 files changed, 9 insertions, 5 deletions
diff --git a/modules/luci-mod-admin-full/luasrc/controller/admin/index.lua b/modules/luci-mod-admin-full/luasrc/controller/admin/index.lua
index 74a3fd9ad..d00d546b6 100644
--- a/modules/luci-mod-admin-full/luasrc/controller/admin/index.lua
+++ b/modules/luci-mod-admin-full/luasrc/controller/admin/index.lua
@@ -28,13 +28,17 @@ end
 function action_logout()
 	local dsp = require "luci.dispatcher"
 	local utl = require "luci.util"
-	if dsp.context.authsession then
-		utl.ubus("session", "destroy", {
-			ubus_rpc_session = dsp.context.authsession
-		})
+	local sid = dsp.context.authsession
+
+	if sid then
+		utl.ubus("session", "destroy", { ubus_rpc_session = sid })
+
 		dsp.context.urltoken.stok = nil
+
+		luci.http.header("Set-Cookie", "sysauth=%s; expires=%s; path=%s/" %{
+			sid, 'Thu, 01 Jan 1970 01:00:00 GMT', dsp.build_url()
+		})
 	end
 
-	luci.http.header("Set-Cookie", "sysauth=; path=" .. dsp.build_url())
 	luci.http.redirect(luci.dispatcher.build_url())
 end
author	Jo-Philipp Wich <jow@openwrt.org>	2015-02-09 16:30:11 +0100
committer	Jo-Philipp Wich <jow@openwrt.org>	2015-02-09 16:30:11 +0100
commit	ec1a86977b1dc5cfc1c24ab1d54205531404087b (patch)
tree	27376bfcec7d3fda1e935c6b9bdb7921be15c8dc /modules/luci-mod-admin-full/luasrc/controller
parent	ec90cd69ed80ea4dfe8a9d44a42b155470c47b6b (diff)