Sign out Issue - Githubissues

Tychobra / polished

Authentication and Administration for Shiny apps

https://polished.tech

Other

234 stars 36 forks source link

Sign out Issue #148

Closed farhadsalimi closed 2 years ago

farhadsalimi commented 3 years ago

How can a user sign out of the Shiny app? I have used Polished to authenticate it. When I sign in, I stay signed in even when I close the browser and reopen the dashboard.

Can you help me with this please?

J-flem commented 3 years ago

Hi @farhadsalimi, I experienced the same issue. Unless you sign in with an account that has admin privileges you don't automatically get a sign out option. I believe it stores the login as a browser cookie just fyi.

For my use case I added a "logout" button to my app to allow users to log out. sign_out_from_shiny() is a polished function. the session$reload() just sends the user back to the polished login page you have set up for your app.

in my ui function actionBttn(inputId = "logoutBtn", label = "Logout", style = "unite", color = "warning")

in my server function observeEvent(input$logoutBtn,{ sign_out_from_shiny(session) session$reload() })

farhadsalimi commented 3 years ago

Hi @farhadsalimi, I experienced the same issue. Unless you sign in with an account that has admin privileges you don't automatically get a sign out option. I believe it stores the login as a browser cookie just fyi.

For my use case I added a "logout" button to my app to allow users to log out. sign_out_from_shiny() is a polished function. the session$reload() just sends the user back to the polished login page you have set up for your app.

in my ui function actionBttn(inputId = "logoutBtn", label = "Logout", style = "unite", color = "warning")

in my server function observeEvent(input$logoutBtn,{ sign_out_from_shiny(session) session$reload() })

Thanks, this works but ideally users should be logged automatically out after a few mins of inactivity or when they close the browser. It is specially important in shared systems.

merlinoa commented 3 years ago

Thanks @farhadsalimi. Yes I agree this is a useful setting that we should implement. I'll add the ability to auto log out users after a certain amount of inactive time and/or after closing the browser. It will be a new argument to global_sessions_config(). I'll update this issue and close it out once the feature is added.

phoward38 commented 2 years ago

Hi @farhadsalimi, we've added a cookie_expires argument to global_sessions_config(). This can be set to NULL to sign the user out when they close the browser. You'll need to install the development version to have this feature (remotes::install_github("tychobra/polished")). Please reopen if you have any issues with this feature.