不清除令牌在使用 Angular、MSAL 和 Azure AD B2C 时退出登录

huangapple go评论72阅读模式
英文:

Not clearing token when logging out using Angular, MSAL and Azure AD B2C

问题

我已经从https://github.com/Azure-Samples/ms-identity-javascript-angular-tutorial下载了Azure AD B2c Angular教程。

我已经设置好了,一切都正常运行:

  • 我可以登录
  • 如果我尝试查看未受保护的页面而未登录,它会将我重定向到登录页面。
  • 我可以登出

然而,注销后,它似乎已清除了令牌(即使我使用Devtools清除了所有存储),如果我再次转到受保护的页面,它会自动登录,而不需要输入电子邮件/密码。

我是否遗漏了什么?

英文:

I have downloaded the Azure AD B2c Angular tutorial from https://github.com/Azure-Samples/ms-identity-javascript-angular-tutorial

I have set it up and it's all running ok:

  • I can login
  • If I try to view an unguarded page without logging in it redirects me to login page.
  • I can logout

However, after I logout, and it appears to have cleared the token - (and even if I clear all the storage using Devtools), if I go to to the guarded page again, it logs me in automatically without requiring email/password.

Am I missing something?

答案1

得分: 0

在auth-config.ts文件中,找到以下代码:

export const loginRequest = {
    scopes: []
}

将其更改为:

export const loginRequest = {
    scopes: [],
    prompt: 'login'
}

这将强制用户在该请求中输入其凭据,从而取消单点登录。

更多详细信息可以在此处找到。

英文:

Ok, I finally found an answer to the problem:

In the auth-config.ts find this code:

export const loginRequest = {
    scopes: []
}

Change it to:

export const loginRequest = {
    scopes: [],
    prompt: 'login'
}

This forces the user to enter their credentials on that request, negating single-sign on.

More details can be found here

huangapple
  • 本文由 发表于 2023年2月19日 03:09:46
  • 转载请务必保留本文链接:https://go.coder-hub.com/75495752.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定