OpenID. How do you logout

后端 未结 4 790
醉梦人生
醉梦人生 2021-02-19 04:10

On a website I have implemented the login using OpenID (based on StackOverflow).

But I can\'t seem to logout.
On my host I can logout but when the user tries to logi

4条回答
  •  遥遥无期
    2021-02-19 04:58

    "It's a feature not a bug"

    The id provider can choose to keep the user authorized for the provider through cookies, and further can choose not to re prompt the user about sharing the same information that was shared previously (with a prompt). So when the user on Site A, asked to be authorized through Site B, and got redirected, Site B first asked for the user to authenticate him or her self. Then Site B asked if it should share any information (and sometimes which information) with Site A. At this point it will also customarily ask if you want to automatically share this same information in the future. Some providers will assume yes, some no, some won't ask. Site B then redirects to Site A and shares the information, you're now logged in.

    If Site A makes a second redirection to Site B to request a login, Site B might 1) Already have a cookie that authenticates the current user of Site B. 2) Already have a record of what information is acceptable to share with Site B. 3) Automatically share this information through a redirect without pausing to prompt the user at all.

    This is a feature centered around convenience.

提交回复
热议问题