Thank you for pointing me in the right direction with this post. I came up with a simpler approach that doesn't require csst cookies, let me know what you think: dev.to/brianburton/cross-domain-fi...
Happy you've found this post helpful! I added a comment to your article but I'll repeat it here:
I like the general idea behind your approach, but wouldn't calling revokeRefreshTokens(<uid>) sign the user out of every browser and every device? Not just the browser/device they are trying to sign out of?
See this discussion which I had with another user who proposed using revokeRefreshTokens().
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thank you for pointing me in the right direction with this post. I came up with a simpler approach that doesn't require
csst
cookies, let me know what you think:dev.to/brianburton/cross-domain-fi...
FYI, I added a link to your article to the bottom of mine.
Happy you've found this post helpful! I added a comment to your article but I'll repeat it here:
I like the general idea behind your approach, but wouldn't calling
revokeRefreshTokens(<uid>)
sign the user out of every browser and every device? Not just the browser/device they are trying to sign out of?See this discussion which I had with another user who proposed using
revokeRefreshTokens()
.