Automatically Logout users in cases when persistSession is false and the user closes the browser window #3384
Unanswered
chipilov
asked this question in
Feature Requests
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
It seems that currently the only mechanism for removing or revoking refresh tokens is:
However, if an app sets the "persistSession" param of the SupbaseClient object to false, this means that if the user closes the browser window, they will be implicitly logged out since the access token will be lost.
Maybe in such cases (i.e. ONLY when "persistSession" is false), the client can automatically send a logout request when the window.onunload even is fired.
One potential issue with this is that the user will also be logged out on any other open windows. Hence, the automatic logout request might also be made configurable in the SupabaseClient constructor.
To be honest, not sure if it is better to add yet another config to the constructor (which will only be valid if "persistSession" is false) or to have the app developer handle this themselves.
What do you think?
Beta Was this translation helpful? Give feedback.
All reactions