- https://rjevski.io
-
Joined on
2024年10月20日
I have implemented it in a different way, instead of using the "phone support" in the adapter/etc, I instead:
Support headless (browser) operation.
This is a tricky one, because frontend Javascript can not always achieve the IdP logout even if it was aware of the IdP logout URL, both because of the...
Sorry, I'm not following - do you mean store the logout data (id_token, etc) as part of the request.session['AUTHENTICATION_METHODS_SESSION_KEY'] structure?
The reason we do the stashing in the adapter and not the provider is that doing so at the adapter level lets us determine whether it's a login vs a connection (I believe the adapter's login method...
As the spec says it seems to be up to the application. I guess we could make this a configurable parameter as to whether to log out from the IdP first or whether to logout locally first?
The...
Could this explode if the socialaccount app isn't installed? On the other hand, we should never end up here if it isn't installed, as the authentication records would never include any social app so I think it's fine.
Yes, sorry, copy-paste fail (this is copied from a subclass where calling super would actually call the original Allauth method). Will fix.
Oh wow you are right, I completely missed that. Indeed, I will remove it!