Closed miroslavpojer closed 1 year ago
Which branch is it on? I'm unable to reproduce, when I do logout and refresh it says "Session has expired" and I'm being redirected to login page.
Which branch is it on? I'm unable to reproduce, when I do logout and refresh it says "Session has expired" and I'm being redirected to login page.
An issue has been found develop branch.
On develop it works for me.
System: MacOS 12.5.1 Tomcat: 9.0.65 Browser: Chrome 105.0.5195.102
With #2142 merged this should be fixed (as it removes JWT from cookies totally).
With #2142 merged this should be fixed (as it removes JWT from cookies totally).
I will re-test it.
Edit: #2142 has been re-tested (feature/2131-review-csrf-and-jwt-tokens-usage) on Brave, Chrome and Edge. JWT cookies is being removed during logout. Problem reported by this issue is not more visible.
Describe the bug
When user perform Logout then JWT cookie persist in browser. When page refresh happen then user can see main page again without login action. The visible page is without data and not usable.
To Reproduce
Steps to reproduce the behavior OR commands run: Expectation:
Expected behavior
After user Logout the JWT cookie does not exist.
Screenshots
Application state after refresh.![Application state after refresh.](https://user-images.githubusercontent.com/109138042/190399524-ad95fc74-6e10-4cba-97ab-81a9f1ed11da.png)
Desktop (please complete the following information):