Session isn't reset after logging out #80
Comments
is the record still in the table or not after the log-out ? |
|
I have the same issue, I delete all sessions in the database, but our devise user still stays logged in and the session gets recreated? wtf |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In my app, the user can login via oauth (using omniauth). They log out by calling
Devise::SessionsController#destroy. When this happens,current_useris nil, and thesessionobject is reset. All good, seemingly.However, when the user tries to login via oauth again, and the omniauth callback gets called,
current_useris already present! In the callback,session.to_jsonreturns a valid session with the user that was previously logged in. This makes me think that the session isn't resetting properly during logout. I've spent a fair amount of time trying to debug this line by line but haven't gotten anywhere. Has anyone else experienced this problem?I read over this issue but that was for
cookie-storeonly.The text was updated successfully, but these errors were encountered: