[Koha-bugs] [Bug 18549] There should be a warning that logging out of Koha will leave browser session logged in to OAuth
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu May 11 00:23:24 CEST 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18549
--- Comment #11 from M. Tompsett <mtompset at hotmail.com> ---
(In reply to Katrin Fischer from comment #10)
> We could make the warning optional, but I think it would be a nice thing to
> have.
A system preference: Koha Only (default), Koha and Google, Prompt (recommended
to give users freedom of choice)?
If Koha Only, log out URL generates page similar to currently.
If Koha and Google, log out URL generates the double logout version.
If Prompt, modal popup like now.
Would that be acceptable?
I've been tinkering with revoking the authorization token after log in, the
problem is Google stores session information in cookies, which I am having
difficulty eliminating. This makes clicking on the previous email
auto-magically log in.
google.com: SSID and SID, accounts.google.com: LSID, ACCOUNT_CHOOSER.
Get rid of those four cookies manually, and a login is forced without the
previous email being remembered.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list