[MP4] [ISSUE] Logout not working correctly when using oAuth (security thingy)

Maniaplanet public API, ManiaConnect system and the open source PHP SDK.

Moderator: NADEO

Post Reply
User avatar
Posts: 776
Joined: 15 Jun 2013, 10:57
Location: The Netherlands

[MP4] [ISSUE] Logout not working correctly when using oAuth (security thingy)

Post by toffe » 12 Aug 2017, 14:05

Hey :),

When you use oAuth2 and redirecting to the authorize route, it will pass and redirect, even when the user did logout on the maniaplanet.com site.
Using the v4.live.maniaplanet.com prefixed URL for the oAuth requests (maybe this is the thing?, but it stated in the docs). It seems the session never gets fully killed or invalidated correctly or the two are separate sessions, which is maybe a problem when you think you are fully logged out, but you aren't really all the way.

You can reproduce with the following steps:
1. Create oAuth2 app and hit Login button.
2. It will redirect to the oAuth2 route of the API/WS.
3. Login with your credentials.
4. Accept the App and get redirected back to the app.
5. Head towards maniaplanet.com and login if not yet done.
6. Logout on maniaplanet.com.
7. Kill session of app and hit the logon button again.

EDIT: It seems also weird that you want to have the chat activated when you login via oAuth screen btw, maybe remove it if it's an oAuth request?

User avatar
Posts: 1678
Joined: 01 Feb 2012, 19:13
Location: Bordeaux

Re: [MP4] [ISSUE] Logout not working correctly when using oAuth (security thingy)

Post by magnetik » 21 Aug 2017, 10:33

The session was indeed not shared between the two domains. This is now fixed :thumbsup:
ManiaPlanet technical documentation portal (Dedicated, ManiaLink, ManiaScript, Titles...) -- contribute!

Post Reply

Return to “Maniaplanet Web Services”

Who is online

Users browsing this forum: No registered users and 3 guests