store auth plugin name and additional values in session, implement for oidc and enable post logout redirect uri, fixes #5680

Closes #5680 Merge request studip/studip!4310
author: Jan-Hendrik Willms <tleilax+studip@gmail.com> 2026-02-10 13:30:29 +0100
committer: Jan-Hendrik Willms <tleilax+studip@gmail.com> 2026-02-10 13:30:29 +0100
commit: 85aeda74a7a5761c30bb16cdf84199689b934b7f (patch)
tree: 7b1defcc4b5be2a2f4c137b3e20070dd5b86aa2b /app
parent: e08d2d6e3f0c646d93ae39203962dfc7da512294 (diff)
2 files changed, 12 insertions, 6 deletions
diff --git a/app/controllers/login.php b/app/controllers/login.php
index 9da3a19..af8f3bd 100644
--- a/app/controllers/login.php
+++ b/app/controllers/login.php
@@ -81,7 +81,10 @@ class LoginController extends AuthenticatedController
                     $this->redirect('login/activate_email', ['uid' => $uid]);
                     return;
                 } else {
-                    auth()->setAuthenticatedUser($check_auth['user']);
+                    auth()->setAuthenticatedUser(
+                        $check_auth['user'],
+                        ['auth_plugin' => 'standard']
+                    );
                     Metrics::increment('core.login.succeeded');
                     sess()->regenerateId(\Studip\Authentication\Manager::DEFAULT_KEPT_SESSION_VARIABLES);
                     $this->redirect('start/index');
diff --git a/app/controllers/logout.php b/app/controllers/logout.php
index 3c641de..cf0409d 100644
--- a/app/controllers/logout.php
+++ b/app/controllers/logout.php
@@ -29,8 +29,9 @@ class LogoutController extends AuthenticatedController
             return;
         }
 
-        if ($GLOBALS['user']->id !== 'nobody') {
-            $my_messaging_settings = $GLOBALS['user']->cfg->MESSAGING_SETTINGS;
+        $user = User::findCurrent();
+        if ($user) {
+            $my_messaging_settings = $user->getConfiguration()->getValue('MESSAGING_SETTINGS');
 
             //Wenn Option dafuer gewaehlt, alle ungelsesenen Nachrichten als gelesen speichern
             if (!empty($my_messaging_settings['logout_markreaded'])) {
@@ -38,15 +39,17 @@ class LogoutController extends AuthenticatedController
             }
 
             $_language = $_SESSION['_language'];
-            $contrast = UserConfig::get($GLOBALS['user']->id)->USER_HIGH_CONTRAST;
+            $contrast = $user->getConfiguration()->getValue('USER_HIGH_CONTRAST');
 
             // Get auth plugin of user before logging out since the $auth object will
             // be modified by the logout
-            $auth_plugin = StudipAuthAbstract::getInstance($GLOBALS['user']->auth_plugin);
+            $used_auth_plugin = auth()->getSessionVariable('auth_plugin') ?? $user->auth_plugin;
+            $auth_plugin = StudipAuthAbstract::getInstance($used_auth_plugin);
 
             sess()->destroy();
+
             //Session changed zuruecksetzen
-            $timeout=(time()-(15 * 60));
+            $timeout = strtotime('-15 minutes');
             $GLOBALS['user']->set_last_action($timeout);
 
             // Perform logout from auth plugin (if possible)
author	Jan-Hendrik Willms <tleilax+studip@gmail.com>	2026-02-10 13:30:29 +0100
committer	Jan-Hendrik Willms <tleilax+studip@gmail.com>	2026-02-10 13:30:29 +0100
commit	85aeda74a7a5761c30bb16cdf84199689b934b7f (patch)
tree	7b1defcc4b5be2a2f4c137b3e20070dd5b86aa2b /app
parent	e08d2d6e3f0c646d93ae39203962dfc7da512294 (diff)