sso, users: Redirect to home page after logout

Closes: #2178.

- Don't bother with the redirection to the next page using the ?next= URL
parameter. Always redirect to the home (index) page.

- Show a message that logout was successful.

- Ensure that SSO cookie is removed.

Tests:

- Logout and notice that redirection has been performed to the home page.

- "Logged out successfully." message is shown.

- When logged as a user with a language set, logging out preserves the language
of the user who was just logged out.

- Login. Click logout while having browser developer tool open. Notice that
Logout request has SSO cookie. The response does not have the cookie set. The
next request is to the home page and it does not have SSO cookie in the request.

- Login to tt-rss app that needs SSO to work. Logout from FreedomBox interface
using another page. Refresh the tt-rss page and notice that user was logged out
and redirect to FreedomBox login page.

- Logout. Again, manually visit the URL
https://10.42.0.203/plinth/accounts/logout/. The page is still required to home
page and success is still shown even though the user is already logged out.

- Repeat the logout test as non-admin user.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>

plinth/modules/sso/views.py

@@ -9,9 +9,13 @@ import urllib
 
 import axes.utils
 from axes.decorators import axes_form_invalid
+from django import shortcuts
+from django.contrib import messages
 from django.contrib.auth import REDIRECT_FIELD_NAME
-from django.contrib.auth.views import LoginView, LogoutView
+from django.contrib.auth import logout as auth_logout
+from django.contrib.auth.views import LoginView
 from django.http import HttpResponseRedirect
+from django.utils.translation import gettext as _
 
 from plinth import actions, translation, utils, web_framework
 
@@ -89,15 +93,13 @@ class CaptchaLoginView(LoginView):
         return set_ticket_cookie(request.user, response)
 
 
-class SSOLogoutView(LogoutView):
-    """View to log out of FreedomBox and remove the auth_pubtkt cookie."""
-    template_name = 'index.html'
-
-    def dispatch(self, request, *args, **kwargs):
-        response = super(SSOLogoutView, self).dispatch(request, *args,
-                                                       **kwargs)
-        response.delete_cookie(SSO_COOKIE_NAME)
-        return response
+def logout(request):
+    """Logout an authenticated user, remove SSO cookie and redirect to home."""
+    auth_logout(request)
+    response = shortcuts.redirect('index')
+    response.delete_cookie(SSO_COOKIE_NAME)
+    messages.success(request, _('Logged out successfully.'))
+    return response
 
 
 def refresh(request):

plinth/modules/users/urls.py

@@ -4,11 +4,10 @@ URLs for the Users module
 """
 
 from axes.decorators import axes_dispatch
-from django.urls import re_path, reverse_lazy
+from django.urls import re_path
 from stronghold.decorators import public
 
-from plinth.modules.sso.views import (CaptchaLoginView, SSOLoginView,
-                                      SSOLogoutView)
+from plinth.modules.sso.views import CaptchaLoginView, SSOLoginView, logout
 from plinth.utils import non_admin_view
 
 from . import views
@@ -30,8 +29,7 @@ urlpatterns = [
     # axes_dispatch after axes 5.x becomes available in Debian stable.
     re_path(r'^accounts/login/$',
             public(axes_dispatch(SSOLoginView.as_view())), name='login'),
-    re_path(r'^accounts/logout/$', non_admin_view(SSOLogoutView.as_view()),
-            {'next_page': reverse_lazy('index')}, name='logout'),
+    re_path(r'^accounts/logout/$', public(logout), name='logout'),
     re_path(r'^users/firstboot/$', public(views.FirstBootView.as_view()),
             name='firstboot'),
     re_path(r'accounts/login/locked/$', public(CaptchaLoginView.as_view()),