-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Logout does not clear localStorage (AngularJS) when backend logout fails #1081
Comments
Can you provide a repo with steps-to-reproduce? See https://github.com/strongloop/loopback/wiki/Reporting-issues#bug-report |
Thanks for the update - haven't tried those fixes - will do. On Thu, Feb 11, 2016 at 8:02 PM, Loay notifications@github.com wrote:
|
My workaround is to use the $promise.catch block to manually remove the local storage item if a token has expired. Ideally Loopback could handle this, though, because then I could test properly. The test environment won't be able to access
|
See this PR that solve the problem. |
Looks like this has been solved: closing. If the issue persists, please re-open this issue and mention me in a comment so I can take a look right away. @mrbatista, thanks for your contribution! |
This happens e.g., when the client presents an invalid authorization token to the REST API, which will respond 500, and the interceptor that clears localStorage will not run.
To reproduce (using angularJS-generated model bindings)
The interceptor code will not run, leaving the invalid token in localStorage, meaning we're stuck. User.isAuthenticated() will respond true, but calls will not be authorized. We need the interceptor to run even if the server presents a 500 invalid token. For the AngularJS SDK code:
The text was updated successfully, but these errors were encountered: