#483 Update logout method to use /account/logout.php rather than auth/logout

v1.0.0
closed
nobody
None
General
nobody
2015-08-20
2010-07-07
Anonymous
No

Originally created by: sf-overlords

Created by: dean
Created date: 2010-05-28 21:06:01.424000
Assigned to:wolf

The new forge logout link goes to https://sourceforge.net/auth/logout Could it use https://sourceforge.net/account/logout.php instead? SFX, SFPY, and Dist all use that logout link, and I believe it will (un)set all the cookies correctly. I took a look at the headers that /auth/logout sent and it didn't unset the SFUSER cookie, for example. I think it may do some more too.

And the new forge can still know when a logout happens, even when its not handling it directly. In Dist, we store the PHPSESSID in our own session, and then on the first request after a logout we can see that the cookie PHPSESSID doesn't match the one we have in our session, so we know there's been a logout.

Discussion

  • Anonymous - 2010-07-07

    Originally by: sf-overlords

    Post by mramm:

    • assigned_to: Jonathan T. Beard
     

  • Anonymous - 2010-07-07

    Originally by: sf-overlords

    Post by mramm:

    • assigned_to: Jonathan T. Beard --> nobody
     

  • Anonymous - 2010-07-07

    Originally by: sf-overlords

    Post by noostendorp:

    • status: acceptance --> closed

    • milestone: beta1 -->

    • custom_field__size: -->

    • status: closed --> open

     

  • Anonymous - 2010-07-07

    Originally by: sf-overlords

    Post by wolf:

     

  • Anonymous - 2010-07-07

    Originally by: sf-overlords

    Post by wolf:
    - status: open --> closed
    fixed in commit 97a17d6

     

  • Anonymous - 2010-07-07

    Originally by: sf-overlords

    Post by wolf:

    • assigned_to: Wolf
     

Log in to post a comment.