diff --git a/cms/envs/common.py b/cms/envs/common.py index 5af3d7ab9b..e3e0dcfb6c 100644 --- a/cms/envs/common.py +++ b/cms/envs/common.py @@ -652,8 +652,9 @@ LOGIN_REDIRECT_URL = EDX_ROOT_URL + '/home/' LOGIN_URL = reverse_lazy('login_redirect_to_lms') FRONTEND_LOGIN_URL = lambda settings: settings.LMS_ROOT_URL + '/login' derived('FRONTEND_LOGIN_URL') -FRONTEND_LOGOUT_URL = lambda settings: settings.LMS_ROOT_URL + '/logout' -derived('FRONTEND_LOGOUT_URL') +# Warning: Must have trailing slash to activate correct logout view +# (auth_backends, not LMS user_authn) +FRONTEND_LOGOUT_URL = '/logout/' FRONTEND_REGISTER_URL = lambda settings: settings.LMS_ROOT_URL + '/register' derived('FRONTEND_REGISTER_URL') diff --git a/cms/envs/devstack.py b/cms/envs/devstack.py index 70b966a8b9..1bfc970beb 100644 --- a/cms/envs/devstack.py +++ b/cms/envs/devstack.py @@ -51,7 +51,6 @@ FEATURES['PREVIEW_LMS_BASE'] = "preview." + LMS_BASE # TODO: Remove after Studio OAuth transition is complete. See docs/guides/studio_oauth.rst LOGIN_URL = '/login/' FRONTEND_LOGIN_URL = LMS_ROOT_URL + '/login' -FRONTEND_LOGOUT_URL = LMS_ROOT_URL + '/logout' FRONTEND_REGISTER_URL = LMS_ROOT_URL + '/register' ########################### PIPELINE ################################# diff --git a/cms/urls.py b/cms/urls.py index fa0fe871b0..d82cece189 100644 --- a/cms/urls.py +++ b/cms/urls.py @@ -44,6 +44,8 @@ COURSELIKE_KEY_PATTERN = r'(?P({}|{}))'.format( # Pattern to match a library key only LIBRARY_KEY_PATTERN = r'(?Plibrary-v1:[^/+]+\+[^/+]+)' +# oauth2_urlpatterns needs to be first to override any other login and +# logout related views. urlpatterns = oauth2_urlpatterns + [ url(r'', include('openedx.core.djangoapps.user_authn.urls_common')), url(r'', include('common.djangoapps.student.urls')), diff --git a/docs/guides/studio_oauth.rst b/docs/guides/studio_oauth.rst index f0d6b2a892..8f0d381e85 100644 --- a/docs/guides/studio_oauth.rst +++ b/docs/guides/studio_oauth.rst @@ -65,3 +65,11 @@ Config and code changes to be performed after all environments are using OAuth f - Remove ``LOGIN_URL`` overrides from all environments (devstack and others) - Remove remaining ``ARCH-1253`` detritus (login redirect) - Remove this doc! + +Declining the migration +----------------------- + +Untested instructions for continuing to keep the shared sessions: + +- Override ``FRONTEND_LOGOUT_URL`` for Studio to be ``/logout`` +- Override ``LOGIN_URL`` for Studio to be ``/login`` diff --git a/openedx/core/djangoapps/user_authn/urls_common.py b/openedx/core/djangoapps/user_authn/urls_common.py index 0268332907..0fce4a5e67 100644 --- a/openedx/core/djangoapps/user_authn/urls_common.py +++ b/openedx/core/djangoapps/user_authn/urls_common.py @@ -65,6 +65,9 @@ urlpatterns = [ # Login Refresh of JWT Cookies url(r'^login_refresh$', login.login_refresh, name="login_refresh"), + # WARNING: This is similar to auth_backends ^logout/$ (which has a + # trailing slash); LMS uses this view, but Studio links to the + # auth_backends logout view. url(r'^logout$', logout.LogoutView.as_view(), name='logout'), # Moved from user_api/legacy_urls.py