Logout in Twake web does not kill session in Twake Console and other way

linagora / Twake

Twake is a secure open source collaboration platform to improve organizational productivity.

https://twake.app

GNU Affero General Public License v3.0

1.79k stars 195 forks source link

Logout in Twake web does not kill session in Twake Console and other way #1160

Closed hantt12 closed 3 years ago

hantt12 commented 3 years ago

Solution

The OIDC logout callback is /ajax/users/console/openid/logout_success
It redirects to /login?auto or /login?error_code=aaa if error
We need to delete the JWT session in localstorage when passing to login?auto

chamerling commented 3 years ago

Don't we use OIDC? If yes, everything is already provided by it to manage logout called Global logout.

RomaricMourgues commented 3 years ago

Are you so sure with LemonLDAP? :p Just kidding, we provided the logout endpoint for OIDC (that should be run in an iframe by LemonLDAP standards) but it is probably badly configured or url is not set, I will check as soon as I have time.

RomaricMourgues commented 3 years ago

Related to #1332