Login/Logout/Login sequence remembers old login credentials

[arikanorh]

Version info

Angular:
"^6.0.3"

Firebase:
"^5.2.0"

AngularFire:
"^5.0.0-rc.11"

Other (e.g. Ionic/Cordova, Node, browser, operating system):

How to reproduce these conditions

Failing test unit, Plunkr, or JSFiddle demonstrating the problem

Steps to set up and reproduce
I'm using angularfire2 authentication with GoogleAuthProvider. The authentication works like charm. Then i can log out just fine. However, after i logout, If i kick-off oauth login again, the previous user logs in automatically without asking any password or even any prompt to login.

How is this secure? When logout, I expect my account to be logged out and feel safe. My password or login info shouldnt be remembered once a logout happens.

Am i doing this wrong

Sample data and security rules

<-- include/attach/link to some json sample data (or provide credentials to a sanitized, test Firebase project) -->

Debug output

** Errors in the JavaScript console **

** Output from firebase.database().enableLogging(true); **

** Screenshots **

Expected behavior

User should be asked for login credentials

Actual behavior

User is logged in automatically based on last login.

[davideast]

Hi @arikanorh. I'm not sure what code you're using so it's hard to tell you if you're using the right approach. However, if you've already accepted access on the Google profile it won't require you to accept access for every login. If you have further questions ping the official JS SDK repo as AngularFire is just a wrapper around auth. https://github.com/firebase/firebase-js-sdk/