Skip to content
This repository has been archived by the owner on May 6, 2021. It is now read-only.

Authenticated session persists in browser when GitHub session is closed. #1

Open
richardkmichael opened this issue Jul 7, 2011 · 1 comment
Open

Authenticated session persists in browser when GitHub session is closed. #1

richardkmichael opened this issue Jul 7, 2011 · 1 comment

Comments

@richardkmichael
Copy link
Owner

  1. Login to beer-app using GitHub: authenticate to GitHub.
  2. Logout of GitHub.
  3. Reload beer-app: login still works because of the existing session cookie authenticated in Authenticated session persists in browser when GitHub session is closed. #1. (?)

Can we do something about this? Always go back to GitHub for auth? That might be painful ; a GitHub call on every request. :/

Would this be expected behaviour anyway? E.g. If I just create a username/password pair and use it. It would persist as well, unless I use a 'Logout' button.

Perhaps users want this ; it's essentially short-term "Remember Me".
@franckverrot
Copy link
Collaborator

As long as your token is OK, the API will allow your calls, it has nothing to do with you being connected or not.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@franckverrot @richardkmichael