Currently the logout functionality of allura is not working. The allura-loggedin cookie gets deleted as expected, but the session remains active.
It appears that by adding self.session.delete() to the logout method (on AuthenticationProvider), it fixes the issue. But further analysis need to be done to see why self.session.invalidate() doesn't work as expected.
Log in to post a comment.