Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
pleroma
pleroma
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 372
    • Issues 372
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 54
    • Merge Requests 54
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Snippets
    • Snippets
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • Pleroma
  • pleromapleroma
  • Issues
  • #952

Closed
Open
Opened May 31, 2019 by shibayashi@shibayashiDeveloper
  • Report abuse
  • New issue
Report abuse New issue

Delete/Revoke OAuth token at logout

Maybe I’m overlooking something obvious, but why aren’t OAuth tokens revoked at logout? This would reduce the amount of valid tokens in the overview.

The logout currently happens purely on the client side, which also means, that the pleroma_key cookie can’t be deleted in Pleroma-FE, because of the HttpOnly flag.

Edited May 31, 2019 by shibayashi
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: pleroma/pleroma#952