英文:
Not clearing token when logging out using Angular, MSAL and Azure AD B2C
问题
我已经从https://github.com/Azure-Samples/ms-identity-javascript-angular-tutorial下载了Azure AD B2c Angular教程。
我已经设置好了,一切都正常运行:
- 我可以登录
- 如果我尝试查看未受保护的页面而未登录,它会将我重定向到登录页面。
- 我可以登出
然而,注销后,它似乎已清除了令牌(即使我使用Devtools清除了所有存储),如果我再次转到受保护的页面,它会自动登录,而不需要输入电子邮件/密码。
我是否遗漏了什么?
英文:
I have downloaded the Azure AD B2c Angular tutorial from https://github.com/Azure-Samples/ms-identity-javascript-angular-tutorial
I have set it up and it's all running ok:
- I can login
- If I try to view an unguarded page without logging in it redirects me to login page.
- I can logout
However, after I logout, and it appears to have cleared the token - (and even if I clear all the storage using Devtools), if I go to to the guarded page again, it logs me in automatically without requiring email/password.
Am I missing something?
答案1
得分: 0
在auth-config.ts文件中,找到以下代码:
export const loginRequest = {
scopes: []
}
将其更改为:
export const loginRequest = {
scopes: [],
prompt: 'login'
}
这将强制用户在该请求中输入其凭据,从而取消单点登录。
更多详细信息可以在此处找到。
英文:
Ok, I finally found an answer to the problem:
In the auth-config.ts find this code:
export const loginRequest = {
scopes: []
}
Change it to:
export const loginRequest = {
scopes: [],
prompt: 'login'
}
This forces the user to enter their credentials on that request, negating single-sign on.
More details can be found here
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论