Git Product home page Git Product logo

Comments (6)

yo34 avatar yo34 commented on August 10, 2024

same question.

from passport-github.

yo34 avatar yo34 commented on August 10, 2024

Is 's seem passport projet is not maintened

from passport-github.

jaredhanson avatar jaredhanson commented on August 10, 2024

Passport provides authentication only, in the case of GitHub it does this by obtaining an access token and the user's profile information. Any token revocation is out-of-scope, and needs to be handled by the application, by calling the relevant GitHub API

from passport-github.

GeoffreyPlitt avatar GeoffreyPlitt commented on August 10, 2024

Is https://oauth.net/2/token-revocation/ not an option?

from passport-github.

jaredhanson avatar jaredhanson commented on August 10, 2024

If GitHub supports that API, then it would be, but I don't think they do. Either way, any token revocation would need to happen after authentication, and is not a feature of Passport.

from passport-github.

yo34 avatar yo34 commented on August 10, 2024

@jaredhanson, yes this is what I did. But i was wondering if there is a possibility just to logout or to delete the cookie "user_session" that is generate with github instead.
I make a test with passport-facebook, I observe the same behaviour. When I login, after logout, the session with my client and the express server is closed. But If i click again on the login Facebook, it's reconnect without prompting for password. I think this is a security problem.

Passport provides authentication only, in the case of GitHub it does this by obtaining an access token and the user's profile information. Any token revocation is out-of-scope, and needs to be handled by the application, by calling the relevant GitHub API

from passport-github.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.