Uploaded image for project: 'translate5'
  1. translate5
  2. TRANSLATE-2889

logoutOnWindowClose does not work

    XMLWordPrintable

Details

    • Critical
    • If just closing the application window the user is now logged out correctly (if configured).

    Description

      Logout when leaving translate5 not via logout button doesn't work.

      Cleaning the cookie on beforeunload is needed to not interpret 302 redirects' HTML as JSON

      But this causes sendBeacon to not send it even when it is deleted only after the sendBeacon call

      So the /logout API  cannot destroy the session, bc it has no sessionId.

      We must in this case send the sessionID as request param because sendBacon allows no header customization. Easiest is as GET parameter, potentially appearing in auth logs. POST is also possible, lookup the sendBeacon API for it.

      Then in the logoutHandler construct the sessionToDestroy from the request param instead of the zfExtended  header.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. TRANSLATE-2856 Login/Logout issues

          • Done

          New Feature - A new feature of the product, which has yet to be developed. TRANSLATE-1586 Close session on browser window close

          • Done

          Activity

            People

              tlauria Thomas Lauria
              christophlamparter Christoph Lamparter (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: