Support » Plugin: WordPress OAuth Server ( Login with WordPress ) » Log out after remove user and change terms message

  • Hello miniOrange Team,

    If I remove a user’s account and this user was logged in, the user is still logged in, while this user doesn´t log out or the cookies expire. But this would be a mistake, because this user can continue to view the content for a while. Is there a way to solve this?

    When the user logs in the first time, gets a form to accept some terms. Is this mandatory? If so, why is it mandatory? Can I change the text?

    Thankst,
    Tamara Z.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author miniOrange

    (@cyberlord92)

    Hi Tamara,

    We are looking into the issue why user is still logged in after removing the user account.

    For the first time form, it is consent for users to share their data with the application they are trying to access. You can change the text or remove this form, which is supported with our paid plans.

    Thanks for the answer.

    We have a Multisite and we are thinking of buying the plugin, but I’m testing it locally first

    Plugin Author miniOrange

    (@cyberlord92)

    Hi Tamara,

    Thank you for the update.

    If you want to log out the already logged in user from the client site when that user from the server-side is deleted, it will require an endpoint in the client-side which accepts username of the deleted user, so that the user also gets deleted from the client site.

    Can you tell us which framework/CMS are you using for the client application?
    Let us know more about your use case so that we can point you in the right direction.

    Also, let us know if you need any help with the setup.

    Thanks,
    Team miniOrange

    Hi @cyberlord92,

    Sorry, I don’t know what you mean with: ‘it will require an endpoint in the client-side which accepts username of the deleted user’.

    To do the test I’m using your plugin: OAuth Single Sign On – SSO (OAuth client)for WordPress. But in the online version, the server will be in WordPress and the client in Drupal.

    Regards,
    Tamara Zambrana

    Plugin Author miniOrange

    (@cyberlord92)

    Hi Tamara,

    Thank you for the information.

    There are two ways to log out the deleted user from the client site.
    1. Continuously poll the introspection endpoint of the server so that when the user from the server side is deleted, the client can detect the change and logout that user.
    2. Add an extra endpoint in the client plugin. So that when the user from the server is deleted, it will send the request to the client on the added endpoint to delete that user. On the client-side, the deleted user will be identified and if it has already logged in, then it is logged out from the client site.

    Let us know which approach from the above is suitable for you.

    Thanks,
    Team miniOrange

    Thanks @cyberlord92,

    I don’t know which one is safer.

    If with the first one I can do the configuration directly in the serve, I would choose the first one. Can I configure it in the plugin options? Or do I have to make changes in the code?

    Server Configuration:
    https://a.uguu.se/3iJHbymfEYxC_server.JPG

    Client Configuration:
    https://a.uguu.se/bO6uvkkFF317_client.JPG

    Regards,
    Tamara Zambrana

    Plugin Author miniOrange

    (@cyberlord92)

    Hi Tamara,

    For this feature modifications will be needed in both client and server plugins.

    We will provide you support for this feature in our paid versions and there won’t be any need to make any changes in the code.

    If I understand correctly, this means that in the ‘free’ version if the user was deleted, he will still be able to connect to the server, right? So I can’t test it until I have the PRO version

Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.