The unified diff between revisions [550f515a..] and [073d0879..] is displayed below. It can also be downloaded as a raw diff.

This diff has been restricted to the following files: 'cgi-bin/openid.fcgi'

#
#
# patch "cgi-bin/openid.fcgi"
#  from [b3dc3de52a2d667d13509312ae53a333d9e75550]
#    to [2f84405f44fbb8bf8c0750c7032043183de4ce49]
#
============================================================
--- cgi-bin/openid.fcgi	b3dc3de52a2d667d13509312ae53a333d9e75550
+++ cgi-bin/openid.fcgi	2f84405f44fbb8bf8c0750c7032043183de4ce49
@@ -255,6 +255,7 @@ class CheckID:
     # Beyond here I'm assuming submit (hitting enter won't set the query parameter)
     elif mode == "login":
       query = web.input("username", "password")
+      web.session.remember = query.get('remember', False)
       # TODO: REALLY needs some sort of validation/filtering of input details.
       try:
         dn = "uid=%s,ou=People,dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au" % query.username
@@ -356,6 +357,10 @@ class OpenID:
       # If we're already logged in and we trust the site, bounce straight back.
       if is_logged_in(username) and is_trusted(request.trust_root):
         answer = True
+        # Now we've got our answer, if we're not remembering the session,
+        # destroy it.
+        if not web.session.get('remember', False):
+          web.session.invalidate()
       # If we're logged in the user needs to be directed to the approval page.
       elif is_logged_in(username):
         answer = False