From 47bcac930df8bde71ffeb9144ac07d429ea9ee87 Mon Sep 17 00:00:00 2001
From: Andrew Aitken-Fincham <andrew@silverstripe.com>
Date: Tue, 3 Apr 2018 22:43:49 +0100
Subject: [PATCH] ENHANCEMENT Add config var to skip confirm logout (#7977)

---
 src/Security/MemberAuthenticator/LogoutHandler.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/Security/MemberAuthenticator/LogoutHandler.php b/src/Security/MemberAuthenticator/LogoutHandler.php
index 9b870a259..3e129b1b6 100644
--- a/src/Security/MemberAuthenticator/LogoutHandler.php
+++ b/src/Security/MemberAuthenticator/LogoutHandler.php
@@ -37,6 +37,11 @@ class LogoutHandler extends RequestHandler
         'LogoutForm'
     ];
 
+    /**
+     * @config
+     * @var bool
+     */
+    private static $confirm_logout = true;
 
     /**
      * Log out form handler method
@@ -54,7 +59,7 @@ class LogoutHandler extends RequestHandler
 
         // If the user doesn't have a security token, show them a form where they can get one.
         // This protects against nuisance CSRF attacks to log out users.
-        if ($member && !SecurityToken::inst()->checkRequest($this->getRequest())) {
+        if ($member && self::config()->get('confirm_logout') && !SecurityToken::inst()->checkRequest($this->getRequest())) {
             Security::singleton()->setSessionMessage(
                 _t(
                     'SilverStripe\\Security\\Security.CONFIRMLOGOUT',