I stay authenticated even after i logout

[WarayAmine]

Hi,

First of all i would like to say thank you for this sample project, it's really helpfull.

I have two questions :

• When i logout, the library's logout function is called and all tokens are removed, but when i reload the page, a redirect or two happen and i find myself logged in again. What could be the problem ?
• I never reach this part of code, result.reason is always null, maybe i don't know how to get in a situation where it's not null.

Thanks again.

              if (result
              && result.reason
              && errorResponsesRequiringUserInteraction.indexOf(result.reason.error) >= 0) {

                            // 3. ASK FOR LOGIN:
                            // At this point we know for sure that we have to ask the
                            // user to log in, so we redirect them to the IdServer to
                            // enter credentials.
                            //
                            // Enable this to ALWAYS force a user to login.
                            // this.login();
                            //
                            // Instead, we'll now do this:
                            console.warn('User interaction is needed to log in, we will wait for the user to manually log in.');
                            return Promise.resolve();
            }

[jeroenheijmans]

Glad to hear it's helpful! I'm not 100% sure if I'll always have time to answer individual support questions so you can also try your luck at Stack Overflow or the main library if I'm not responsive here.

With that disclaimer out of the way, to your specific current questions....

If your logout seems to work locally but is "gone" after a refresh, then the logout was not persisted at your Identity Server. If you clone and run my sample as is (against the Demo Duende server) that will work. If you track the Network tab (and persist the logs across page loads) you'll see that the logout buttons send you to Duende and that they log you out before sending you back. - So check with your IDS and its implementation. Does it support logging out like this?

The code you posted for your second question is indeed specific to Duende as an IDServer. If you have a different server, the data might be different and you'll need to adjust. As far as I recall the structure of the object there is not enforced by the standards.

Hope that helps!

[WarayAmine]

Thanks for the reply.

I will check how must the logout be implemented with the IDS i'm using.

And by the way, i used the sample as it is with the demo server and i'm encoutering the same issue as #128 but with Google chrome. I don't have this issue with the other server i'm using.

Thanks.

[WarayAmine]

@jeroenheijmans i made a more detailed post in stackoverflow if you could take a look. Thanks anyway.

[jeroenheijmans]

Thanks for reposting the question on a broader forum like SO, sorry to see it hasn't gotten much attention yet. Still hope you'll find a solution there or otherwise. And sorry that I'm not able to help with all specific questions on the issues list here, but I hope y'all understand time's limited.

[WarayAmine]

As an update, i have found that explicitly adding the logoutUrl property fixed the issue. I don't know why but it worked.

Thanks again for this project.