-
-
Notifications
You must be signed in to change notification settings - Fork 693
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Log out mechanism for clearing ds_actor cookie #840
Comments
I don't like how this often involves a logout link that can be maliciously activated. I'm going to use a CSRF protected form button styled to look like a link instead. |
Another problem: what to display in the "you are logged in as", since we don't dictate an actor design. I'm going to use a includes template for this that can easily be over-ridden by administrators or by plugins. The default will look for the first available of the following keys:
|
Step one: a "logout" page at |
Now just need the "Logged in as: XXX <logout>" navigation item. |
Need a cookie clearing mechanism and a way to show that you are logged in.
datasette-auth-github
had a solution for this that can be pulled into core.The text was updated successfully, but these errors were encountered: