Support logging out of password-protected blogs

Closes T492

collections.go

@@ -110,6 +110,8 @@ type (
 
 		// User-related fields
 		isCollOwner bool
+
+		isAuthorized bool
 	}
 )
 
@@ -553,6 +555,7 @@ type CollectionPage struct {
 	IsCustomDomain bool
 	IsWelcome      bool
 	IsOwner        bool
+	IsCollLoggedIn bool
 	CanPin         bool
 	Username       string
 	Monetization   string
@@ -672,9 +675,9 @@ func processCollectionPermissions(app *App, cr *collectionReq, u *User, w http.R
 			}
 
 			// See if we've authorized this collection
-			authd := isAuthorizedForCollection(app, c.Alias, r)
+			cr.isAuthorized = isAuthorizedForCollection(app, c.Alias, r)
 
-			if !authd {
+			if !cr.isAuthorized {
 				p := struct {
 					page.StaticPage
 					*CollectionObj
@@ -792,6 +795,7 @@ func handleViewCollection(app *App, w http.ResponseWriter, r *http.Request) erro
 	// Serve collection
 	displayPage := CollectionPage{
 		DisplayCollection: coll,
+		IsCollLoggedIn:    cr.isAuthorized,
 		StaticPage:        pageForReq(app, r),
 		IsCustomDomain:    cr.isCustomDomain,
 		IsWelcome:         r.FormValue("greeting") != "",
@@ -1158,3 +1162,43 @@ func isAuthorizedForCollection(app *App, alias string, r *http.Request) bool {
 	}
 	return authd
 }
+
+func logOutCollection(app *App, alias string, w http.ResponseWriter, r *http.Request) error {
+	session, err := app.sessionStore.Get(r, blogPassCookieName)
+	if err != nil {
+		return err
+	}
+
+	// Remove this from map of blogs logged into
+	delete(session.Values, alias)
+
+	// If not auth'd with any blog, delete entire cookie
+	if len(session.Values) == 0 {
+		session.Options.MaxAge = -1
+	}
+	return session.Save(r, w)
+}
+
+func handleLogOutCollection(app *App, w http.ResponseWriter, r *http.Request) error {
+	alias := collectionAliasFromReq(r)
+	var c *Collection
+	var err error
+	if app.cfg.App.SingleUser {
+		c, err = app.db.GetCollectionByID(1)
+	} else {
+		c, err = app.db.GetCollection(alias)
+	}
+	if err != nil {
+		return err
+	}
+	if !c.IsProtected() {
+		// Invalid to log out of this collection
+		return ErrCollectionPageNotFound
+	}
+
+	err = logOutCollection(app, c.Alias, w, r)
+	if err != nil {
+		addSessionFlash(app, w, r, "Logging out failed. Try clearing cookies for this site, instead.", nil)
+	}
+	return impart.HTTPError{http.StatusFound, c.CanonicalURL()}
+}

routes.go

@@ -204,6 +204,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router {
 }
 
 func RouteCollections(handler *Handler, r *mux.Router) {
+	r.HandleFunc("/logout", handler.Web(handleLogOutCollection, UserLevelOptional))
 	r.HandleFunc("/page/{page:[0-9]+}", handler.Web(handleViewCollection, UserLevelReader))
 	r.HandleFunc("/tag:{tag}", handler.Web(handleViewCollectionTag, UserLevelReader))
 	r.HandleFunc("/tag:{tag}/feed/", handler.Web(ViewFeed, UserLevelReader))

templates/collection.tmpl

@@ -40,27 +40,42 @@
 
 	</head>
 	<body id="collection" itemscope itemtype="http://schema.org/WebPage">
-		{{if or .IsOwner .SingleUser}}<nav id="manage"><ul>
-			<li class="has-submenu"><a onclick="void(0)">&#9776; Menu</a>
-				<ul>
-					{{ if .IsOwner }}
-					{{if .SingleUser}}
-					<li><a href="/me/new">New Post</a></li>
-					{{else}}
-					<li><a href="/#{{.Alias}}" class="write">{{.SiteName}}</a></li>
-					{{end}}
-					{{if .SimpleNav}}<li><a href="/new#{{.Alias}}">New Post</a></li>{{end}}
-					<li><a href="/me/c/{{.Alias}}">Customize</a></li>
-					<li><a href="/me/c/{{.Alias}}/stats">Stats</a></li>
-					<li class="separator"><hr /></li>
-					{{if not .SingleUser}}<li><a href="/me/c/"><img class="ic-18dp" src="/img/ic_blogs_dark@2x.png" /> View Blogs</a></li>{{end}}
-					<li><a href="/me/posts/"><img class="ic-18dp" src="/img/ic_list_dark@2x.png" /> View Drafts</a></li>
-					{{ else }}
-					<li><a href="/login">Log in</a></li>
-					{{ end }}
-				</ul>
-			</li>
-		</ul></nav>{{end}}
+		{{if or .IsOwner .SingleUser}}
+			<nav id="manage"><ul>
+				<li class="has-submenu"><a onclick="void(0)">&#9776; Menu</a>
+					<ul>
+						{{ if .IsOwner }}
+							{{if .SingleUser}}
+							<li><a href="/me/new">New Post</a></li>
+							{{else}}
+							<li><a href="/#{{.Alias}}" class="write">{{.SiteName}}</a></li>
+							{{end}}
+							{{if .SimpleNav}}<li><a href="/new#{{.Alias}}">New Post</a></li>{{end}}
+							<li><a href="/me/c/{{.Alias}}">Customize</a></li>
+							<li><a href="/me/c/{{.Alias}}/stats">Stats</a></li>
+							<li class="separator"><hr /></li>
+							{{if not .SingleUser}}<li><a href="/me/c/"><img class="ic-18dp" src="/img/ic_blogs_dark@2x.png" /> View Blogs</a></li>{{end}}
+							<li><a href="/me/posts/"><img class="ic-18dp" src="/img/ic_list_dark@2x.png" /> View Drafts</a></li>
+						{{ else }}
+							<li><a href="/login">Log in{{if .IsProtected}} to {{.DisplayTitle}}{{end}}</a></li>
+							{{if .IsProtected}}
+								<li class="separator"><hr /></li>
+								<li><a href="/logout">Log out</a></li>
+							{{end}}
+						{{ end }}
+					</ul>
+				</li>
+			</ul></nav>
+		{{else if .IsCollLoggedIn}}
+			<nav id="manage" class="shiny"><ul>
+				<li class="has-submenu"><a onclick="void(0)">&#9776; Menu</a>
+					<ul>
+						<li class="menu-heading" style="padding: .5rem .75rem; box-sizing: border-box;">{{.DisplayTitle}}</li>
+						<li><a href="{{.CanonicalURL}}logout">Log out</a></li>
+					</ul>
+				</li>
+			</ul></nav>
+		{{end}}
 		
 		<header>
 		{{if .Silenced}}

templates/password-collection.tmpl

@@ -25,6 +25,18 @@
 
 	</head>
 	<body id="collection" itemscope itemtype="http://schema.org/WebPage">
+		{{if .SingleUser}}
+			<nav id="manage">
+				<ul>
+					<li class="has-submenu"><a onclick="void(0)">&#9776; Menu</a>
+						<ul>
+							<li><a href="/login">Log in</a></li>
+						</ul>
+					</li>
+				</ul>
+			</nav>
+		{{end}}
+
 		<header>
 		<h1 dir="{{.Direction}}" id="blog-title"><a href="/{{.Alias}}/" class="h-card p-author u-url" rel="me author">{{.DisplayTitle}}</a></h1>
 		</header>