Logout of app on logout of oidc? #3707
Replies: 3 comments 1 reply
-
|
The other way to ask this question / try to understand what’s happening here is how the login info is passed to Django. I guess effectively in this setup the user is logged in with the help of allauth but after that it’s not doing much (?). Since it’s not, for example, checking auth with every request, when the second user loads the app Django says “oh look a user is already logged in, let’s keep going”. So the corollary would be, can we “force” re-authorization in Django when the second user logs in via oidc? Guess I need to track down where that link is made and see why it doesn’t run again the second time. Appreciate any thoughts / pointers if anyone has em. |
Beta Was this translation helpful? Give feedback.
-
|
This is a duplicate of #3111 -- closing. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for that, I’m aware of that open id feature, seems like the “real” solution though other services (eg authelia) don’t support it yet. Just to ask, I was also trying to figure out if there’s any way to “capture” when a new user arrives via an oidc provider forward auth, basically at that point somehow “check” if the correct user is logged in. But the more I thought about / looked into this, I believe that’s just not possible. Just wondering if that understanding is correct? Either way, thanks again for your time |
Beta Was this translation helpful? Give feedback.
-
|
Oops, I mistakenly thought this was filed as an issue and therefore I closed it. Reopening, given that this is a discussion... |
Beta Was this translation helpful? Give feedback.
-
Hi, thanks for this wonderful package, really appreciate the ease of adding all of this power to our app. One thing that came up I wasn't sure about: if a user has OIDC behind a reverse proxy setup with the app and logged in, logging out directly from the OIDC provider (not the app) doesnt seem to logout the user from the app, so then if another user logs into oidc (because the reverse proxy requires it) upon returning to the app the previous user is still effectively logged in.
First I just wanted to check this is expected behavior? Second, is there a way to do that?
Beta Was this translation helpful? Give feedback.
All reactions