Enhanced auth_cookie behavior

[StefanW@…]

I'm running trac and used the ReWriteEngine? to support multiple projects. But Logout does not work anymore. I saw, that trac uses a session cockie. Info from Mozilla Firebird: Name: trac_auth Content: 04be779069adc4096e3c6ab841be3cea Host: cartman Path/projects/<someproject> Server Secure: no Expires: at end of session Policy: no policy about storing identifiable information

So it would be nice, if you could add authentification-information in the trac-db: For each cookie a 'loggend_in' variable. (So if the user klicks on 'Logout', you could store 'false' in it.) A timestamp for the last login would also be nice, so that a session runs out after e.g. 8h of no action)

It would also be cool if you could support that 'logged_in'-variable with trac-admin. The reason is: Here in my company we use 3 components: Trac, SVN, and a selfmade PHP-programmed userinterface for adding/modifying new users, projects, permissions... And we use the same authentication system for all these three components. So if i want to log-out at one component (but don't want to close the browser!), i also should be logged-out at the other components.

So I need a new trac-command for asking the logged_in-state: 'trac-admin <path-to-project> logged_in 04be779069adc4096e3c6ab841be3cea' Result: ==> coockie not found or ==> 04be779069adc4096e3c6ab841be3cea loggend_in = TRUE or ==> 04be779069adc4096e3c6ab841be3cea loggend_in = TRUE

and a new trac-command for setting the logged_in-state: 'trac-admin <path-to-project> login 04be779069adc4096e3c6ab841be3cea StefanW' or 'trac-admin <path-to-project> logout 04be779069adc4096e3c6ab841be3cea StefanW'

BTW trac&svn are great!

[jonas]

If I understand you correctly:

• Logging out by clicking on the "logout"-link works.
• You want the auth_cookie to be permanent and indicate a logged out state with a boolean flag instead of just removing that entry from the auth_cookie table.
• You want trac-admin to be extended with a command to toggle the logged_in/out flag for a specific user/auth_cookie entry.

I'm not if this just is a hack for your specific setup or if this could be usefull for others, I'll have to think about this.

[Brad Anderson <brad@…>]

I'm definitely interested in this. I have all kinds of problems with switching users (i.e. logging out as User X and logging in as User Y). I see the same behavior with logout that Stefan sees, but I'm not sure of the cause. I have multiple projects set up and am using mod_python. I have had to manually delete the cookies in my browser to avoid having to close the browser (I have other tabs open that I want to keep open), just to get the log-out to take.

[Matthew Good <matt-good.net>]

Well, I'm continuing the portion of this on the login/logout issues on #791. However, Trac has no control over logging you out of SVN, and if you want your own PHP thing to connect with Trac's authentication it's kind of up to you to figure that one out.