Search The ForumSearch   RegisterRegister  LoginLogin

AfterLogic WebMail Pro

 AfterLogic Forum : AfterLogic WebMail Pro
Subject Topic: API Logout Not WOrking? Post ReplyPost New Topic
Author
Message << Prev Topic | Next Topic >>
glenelkins
Newbie
Newbie


Joined: 25 August 2020
Location: United Kingdom
Online Status: Offline
Posts: 33
Posted: 16 October 2020 at 1:37am | IP Logged Quote glenelkins

Hi

I have integrated Webmail Pro successfully using php to perform a login inside an iframe.

A strange issue though, our system allows multiple email accounts so the iframe url changes depending on the user trying to log in.

If i click on one email, say test@test.com it all logs in and loads the iframe correctly. Now if i click another address say test2@test.com the iframe still loads the first email account instead of logging in with the new one i selected. This goes away then if i press Logout in webmail pro and then it decides to load the second account.

Here is the basic login code:

<?php

require_once './system/autoload.php';

$username = isset($_GET['username']) ? $_GET['username'] : null;
$password = isset($_GET['password']) ? $_GET['password'] : null;
$doLogout = isset($_GET['doLogout']) ? $_GET['doLogout'] : 'yes';


if($username && $password) {
    \Aurora\System\Api::Init();

    if($doLogout == 'yes') {

        if(\Aurora\System\Api::GetModuleDecorator('Core')->Logout()) {
            \Aurora\System\Api::Location('./mailLogin.php?username='.$username.'&password='.$password.'&doLogout=no');
        }else{
            header('HTTP/1.0 403 Forbidden');

            echo 'You are forbidden!';

            exit();
        }
    }

    //die($username);
    $aData = \Aurora\System\Api::GetModuleDecorator('Core')->Login($username, $password);
    if (isset($aData['AuthToken'])) {
        $sAuthToken = $aData['AuthToken'];
        setcookie('AuthToken', $sAuthToken, time() + 3600, "/");
        \Aurora\System\Api::Location('./');

        exit();
    }
}

header('HTTP/1.0 403 Forbidden');

echo 'You are forbidden!';

exit();


As you can see i am trying to force the logout before the login, but it doesn't work, it still loads the previous email account.


EDIT: I just noticed that the logout doesn't work at all if i use the code above to login. But if i login via the web interface i can log out. Is this a bug?
Back to Top View glenelkins's Profile Search for other posts by glenelkins
 
Igor
AfterLogic Support
AfterLogic Support


Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
Posted: 16 October 2020 at 2:47am | IP Logged Quote Igor

The method GetModuleDecorator('Core')->Logout() performs additional actions on logging out (such as adding log records) and removes session from the database if the feature is enabled (and it's disabled by default). To reliably log current user out, you need to delete AuthToken cookie.

Hope this helps.

--
Regards,
Igor, Afterlogic Support
Back to Top View Igor's Profile Search for other posts by Igor
 

If you wish to post a reply to this topic you must first login
If you are not already registered you must first register

  Post ReplyPost New Topic
Printable version Printable version

Forum Jump

Powered by Web Wiz Forums version 7.9
Copyright ©2001-2004 Web Wiz Guide