Add log out button

2026-03-31 21:53:29 -04:00 · 2026-03-31 21:53:29 -04:00 · ed4e749901
commit ed4e749901
parent 39f7dd6285
2 changed files with 39 additions and 0 deletions
--- a/assets/page.erb
+++ b/assets/page.erb
@ -110,10 +110,36 @@
    button:hover {
      background: #166534;
    }
+
+    .logout-form {
+      position: fixed;
+      top: 1rem;
+      right: 1rem;
+    }
+
+    .logout-btn {
+      width: auto;
+      padding: 0.4rem 0.8rem;
+      margin: 0;
+      background: #1e2433;
+      color: #94a3b8;
+      font-size: 0.75rem;
+    }
+
+    .logout-btn:hover {
+      background: #2a3040;
+    }
  </style>
 </head>
 <body>

+<% if authenticated %>
+  <form method="post" class="logout-form">
+    <input type="hidden" name="action" value="logout">
+    <button type="submit" class="logout-btn">Log Out</button>
+  </form>
+<% end %>
+
 <header>
  <h1><span><%= hostname %></span> status - MALP</h1>
 </header>
--- a/cgi-bin/malp.rb
+++ b/cgi-bin/malp.rb
@ -50,10 +50,23 @@ def create_session
  token
 end

+def remove_session(token)
+  return if token.nil? || token.empty?
+  sessions = load_sessions.reject { |t, _| t == token }
+  File.write(SESSIONS_FILE, sessions.map { |t, ts| "#{t}:#{ts}" }.join("\n") + "\n")
+end
+
 session_token = (cgi.cookies["MALP"] || []).first
 authenticated = valid_session?(session_token)
 cookie = nil

+if cgi.request_method == "POST" && authenticated && cgi.params["action"]&.first == "logout"
+  remove_session(session_token)
+  cookie = CGI::Cookie.new("name" => "MALP", "value" => "", "path" => "/", "expires" => Time.at(0))
+  print cgi.header("Status" => "303 See Other", "Location" => ENV["REQUEST_URI"], "cookie" => cookie)
+  exit
+end
+
 if cgi.request_method == "POST" && !authenticated
  username = cgi.params["username"]&.first.to_s
  password = cgi.params["password"]&.first.to_s