documentation/articles/HandlingLogout.asciidoc


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

---
title: Handling Logout
order: 21
layout: page
---

[[handling-logout]]
= Handling logout
What should happen the user wants to log out from a Vaadin application
depends on how the user is stored when the user logged in.

If the user information is stored in the `VaadinSession`, that session
should be closed using its `close()` method. If the information on the
other hand is stored in the `HttpSession` or `PortletSession`, then that
session should be invalidated using the `invalidate()` method in Vaadin's
`WrappedSession` that represents either underlying session type.

Aside from removing the user's information, the user should also be
redirected to a logout page to avoid keeping the UI open in the browser
after all server-side information about is has been removed.

[source,java]
....
private void logout() {
    // Close the VaadinServiceSession
    getUI().getSession().close();

    // Invalidate underlying session instead if login info is stored there
    // VaadinService.getCurrentRequest().getWrappedSession().invalidate();

    // Redirect to avoid keeping the removed UI open in the browser
    getUI().getPage().setLocation(getLogoutPageLocation());
}
....

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

<?php

declare(strict_types=1);

/**
 * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
namespace OCP\Accounts;

use InvalidArgumentException;

/**
 * Interface IAccountProperty
 *
 * @since 15.0.0
 */
interface IAccountProperty extends \JsonSerializable {
	/**
	 * Set the value of a property
	 *
	 * @since 15.0.0
	 *
	 * @param string $value
	 * @return IAccountProperty
	 */
	public function setValue(string $value): IAccountProperty;

	/**
	 * Set the scope of a property
	 *
	 * @since 15.0.0
	 *
	 * @param string $scope
	 * @psalm-param IAccountManager::SCOPE_* $scope
	 * @return IAccountProperty
	 * @throws InvalidArgumentException (since 22.0.0)
	 */
	public function setScope(string $scope): IAccountProperty;

	/**
	 * Set the verification status of a property
	 *
	 * @since 15.0.0
	 *
	 * @param string $verified
	 * @return IAccountProperty
	 */
	public function setVerified(string $verified): IAccountProperty;

	/**
	 * Get the name of a property
	 *
	 * @since 15.0.0
	 *
	 * @return string
	 */
	public function getName(): string;

	/**
	 * Get the value of a property
	 *
	 * @since 15.0.0
	 *
	 * @return string
	 */
	public function getValue(): string;

	/**
	 * Get the scope of a property
	 *
	 * @since 15.0.0
	 *
	 * @return string
	 * @psalm-return IAccountManager::SCOPE_*
	 */
	public function getScope(): string;

	/**
	 * Get the verification status of a property
	 *
	 * @since 15.0.0
	 *
	 * @return string
	 */
	public function getVerified(): string;

	/**
	 * Sets data for verification purposes.
	 *
	 * @since 22.0.0
	 */
	public function setVerificationData(string $verificationData): IAccountProperty;

	/**
	 * Retrieves data for verification purposes.
	 *
	 * @since 22.0.0
	 */
	public function getVerificationData(): string;

	/**
	 * Set the instance-based verification status of a property
	 *
	 * @since 23.0.0
	 *
	 * @param string $verified must be one of the verification constants of IAccountManager
	 * @return IAccountProperty
	 * @throws InvalidArgumentException
	 */
	public function setLocallyVerified(string $verified): IAccountProperty;

	/**
	 * Get the instance-based verification status of a property
	 *
	 * @since 23.0.0
	 *
	 * @return string
	 */
	public function getLocallyVerified(): string;
}