search

LinusU / flutter_web_auth

Flutter plugin for authenticating a user with a web service
MIT License
197 stars 169 forks source link

Browser remembers my credentials, so I have to clear browser cache #144

Open adminant opened 1 year ago

adminant commented 1 year ago

Hi, I have a problem with login in Android. When I login 2nd time and after, I automatically pass on without login/password prompt, so if I want to change user, I have to run Chrome browser from Android desktop and choose Clear browsing data from its Settings. I know there is preferEphemeral flag, but it works only in iOS.

LinusU commented 1 year ago

preferEphemeral is implemented on Android as well, is it not working?

https://github.com/LinusU/flutter_web_auth/blob/aa4ebfa209612d06b3e224566a86fe1938dd5e5c/android/src/main/kotlin/com/linusu/flutter_web_auth/FlutterWebAuthPlugin.kt#L57-L59

adminant commented 1 year ago

preferEphemeral is implemented on Android as well, is it not working?

Unfortunately not. Login process is based on cookies, and I have to clear browsing data in Chrome everytime for other login/password to work. In iOS everything works as expected.

adminant commented 1 year ago

Any ideas? How must that no_history flag work? I think for this mode we must run some kind of clear session of browser without cookies, don't use old cookies and don't save new ones. Is this possible?

LinusU commented 1 year ago

I'm not familiar with how the native Android side works, but if you can show me how to make it work with native Android code I'd be happy to incorporate it into this library...

sebkoller commented 1 year ago

The intent flag is for the Android intent, not for the custom Chrome tab: [1]

If set, the new activity is not kept in the history stack.

There seems to be a way to open an incognito tab [2], but that option might not be available by default and must be enabled with a flag in Chrome. I haven't tested this myself.

[1] https://developer.android.com/reference/android/content/Intent#FLAG_ACTIVITY_NO_HISTORY [2] https://stackoverflow.com/questions/66443545/how-can-i-start-chrome-custom-tabs-in-incognito-mode

fras2560 commented 1 year ago

@adminant where you able to resolve this issue?

adminant commented 1 year ago

@adminant where you able to resolve this issue?

I was able to get rid of this cookies problem only with help of our back-end team. They changed server-side logic. Unfortunately, I could do nothing on mobile app side only.