From 759a037ff6d84caab2c4bab83b9da9fa06616115 Mon Sep 17 00:00:00 2001 From: Nicolas Valcarcel Date: Wed, 11 Sep 2019 22:52:47 -0500 Subject: [PATCH 1/3] add logout functionality --- README.md | 15 ++++++++++++--- marketplace/templates/users/welcome.html | 1 + marketplace/users.py | 6 ++++++ 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 7d2858a..9e3c038 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,17 @@ # Secure Coding with Python. -## Chapter 4: Broken Authentication -### Fix -In order to avoid giving to much information, we need to use a more generic error message that doesn't give away specifics of the users. +## Chapter 5: Broken De-Authentication +### Requirement +Now that users are allowed to login, we need to let them logout. + +### Development +We set the `logged_in` session value to `False` and redirect the user to the login page. + +### Vulnerability +Since flask by default uses cookie store for the sessions, we rely on the information stored in it as the ultimate +source of truth. A source of truth that the user has control over. Because of this, if an attacker get's his/her +hands on a session cookie, they could use them, even after the user logged out to get into the user's account. + **Proceed to [next section](https://github.com/nxvl/secure-coding-with-python/tree/5.1-broken-deauthentication/code)** diff --git a/marketplace/templates/users/welcome.html b/marketplace/templates/users/welcome.html index 95f17d4..061d57b 100644 --- a/marketplace/templates/users/welcome.html +++ b/marketplace/templates/users/welcome.html @@ -5,5 +5,6 @@

{% block title %}Welcome{% endblock %}

{% endblock %} {% block content %} +Logout
Welcome to the marketplace! {% endblock %}
diff --git a/marketplace/users.py b/marketplace/users.py
index 33a4da0..1fe8115 100644
--- a/marketplace/users.py
+++ b/marketplace/users.py
@@ -39,6 +39,12 @@ def login():
return render_template('users/login.html', error=error)
+@bp.route('/logout', methods=('GET',))
+def logout():
+ session['logged_in'] = False
+ return redirect(url_for('users.login'))
+
+
@bp.route('/welcome', methods=('GET',))
def welcome():
if session.get('logged_in'):
From 047c6cba2a7153f28dc3e0cf9a265ed5674ce819 Mon Sep 17 00:00:00 2001
From: Nicolas Valcarcel
Date: Wed, 11 Sep 2019 22:53:12 -0500
Subject: [PATCH 2/3] update next section link
---
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 9e3c038..80d0bef 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ source of truth. A source of truth that the user has control over. Because of th
hands on a session cookie, they could use them, even after the user logged out to get into the user's account.
-**Proceed to [next section](https://github.com/nxvl/secure-coding-with-python/tree/5.1-broken-deauthentication/code)**
+**Proceed to [next section](https://github.com/nxvl/secure-coding-with-python/tree/5.1-broken-deauthentication/test)**
## Index
### 1. Vulnerable Components
From c911514850ce360622d14284bc81585b24275891 Mon Sep 17 00:00:00 2001
From: Nicolas Valcarcel
Date: Fri, 13 Sep 2019 22:00:14 -0500
Subject: [PATCH 3/3] fix welcome controller
---
marketplace/users.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/marketplace/users.py b/marketplace/users.py
index 27d8839..3dd49fe 100644
--- a/marketplace/users.py
+++ b/marketplace/users.py
@@ -48,5 +48,5 @@ def logout():
@bp.route('/welcome', methods=('GET',))
@auth
-def welcome():
+def welcome(user):
return render_template('users/welcome.html')
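Review bot: `logout()` only flips `session['logged_in']` to `False`, so every other session key survives and, because Flask's default session is a signed client-side cookie, a copy of the pre-logout cookie (still carrying `logged_in: True`) keeps working after logout — the README hunk in this same patch describes exactly that as the chapter's deliberate vulnerability, so this is a note for the eventual fix rather than this commit. At minimum replace the assignment with `session.clear()` so nothing stale is carried over; actual invalidation additionally needs state the client does not control (a server-side session store, or a per-login token stored in the session and checked against the user record on every request) that logout revokes. Separately, `methods=('GET',)` lets any third-party page log the user out through an `<img>` or link (logout CSRF); a POST form with a CSRF token is the usual shape. The `login()` body named in the hunk header starts outside the hunk.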
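Review bot: `welcome(user)` now accepts a `user` argument (presumably injected by `@auth`, which is defined outside the hunk) but never uses it — the body still calls `render_template('users/welcome.html')` with no context. If the decorator's contract is to hand the authenticated user to the view, pass it through, `return render_template('users/welcome.html', user=user)`, and consume it in the template; otherwise rename it `_user` so the signature change reads as decorator plumbing rather than an unfinished feature. Worth a comment on the decorator stack as well, since the order is load-bearing: `# @auth must sit below @bp.route — the route registers whatever function it is handed, so reversing the order would expose the unguarded view`.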