Fixed session logout by setting expiration date in the past and empty content.

2016-05-18 12:13:25 +02:00
parent 88aaf9ed4c
commit 6a61c30689
1 changed files with 3 additions and 2 deletions
--- a/modules/session_auth/cms_session_auth_module.e
+++ b/modules/session_auth/cms_session_auth_module.e
@@ -172,9 +172,10 @@ feature {NONE} -- Implementation: routes
 				attached api.user as l_user
 			then
 					-- Logout Session
-				create l_cookie.make (tok, l_cookie_token.value) -- FIXME: unicode issue?
+				create l_cookie.make (tok, "") -- l_cookie_token.value) -- FIXME: unicode issue?
 				l_cookie.set_path ("/")
-				l_cookie.set_max_age (-1)
+				l_cookie.unset_max_age
 				l_cookie.set_expiration_date (create {DATE_TIME}.make_from_epoch (0))
 				res.add_cookie (l_cookie)
 				api.unset_user