-
-
Notifications
You must be signed in to change notification settings - Fork 930
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: Logout does not clear session token when using auth headers to login #2747
Comments
@deathblade666 which session token are you referring to? The user-token in the browser is removed, but if you are using a third party auth provider, we aren't clearing their session tokens. Which might result in an automatic re-login. |
That makes sense, yeah that's probably it honestly unsure how to tell which is which just noticed the token is still there and it autologins back in as soon as I try to logout. Based on your in-out its probably the thrid party token (I use authentik) that's not clearing. |
Yeah, it looks might be an issue with authentik's sign out methods |
Verified issue does not already exist?
What happened?
Setup HTTP Auth header login, pressed logout to end the session, it immediately logs back in as the session token doesnt cleared
Where are you hosting Actual?
Docker
What browsers are you seeing the problem on?
Firefox, Chrome
Operating System
Linux
The text was updated successfully, but these errors were encountered: