question

Polina Zubova avatar image
Polina Zubova asked Yatin Gera Deactivated commented

RingCentralSDK Authorization session management

Hi all,

I need some assistance with login-logout flow with OAuth login flow.

As the user I want:

1. Login with one account.

2. Logout

3. Login with a different account


In the steps hire in code I use:

1. rcsdk.loginWindow and than make rcsdk.login (popup open, user login, it's okay)

2. rcsdk.logout

3. the same as 1 step

In the step 3 user see in pop up window 'Continue as' first account he used, it will not require any password.

Is there any way I can after logout in the new login not show user information about his previous login, just clean login?

Will appreciate your help on that.

sdkauthentication
2 comments
1 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Yatin Gera avatar image Yatin Gera ♦♦ commented ·

@Polina Zubova
The session details are saved in the cookie in the browser once the user logs in
Is your use case where multiple users can log in from the same browser on the same machine?
If that is not the case, any other user trying your app will still see a login screen since their browser cookie will not be set

1 Like 1 ·
Polina Zubova avatar image Polina Zubova Yatin Gera ♦♦ commented ·

Hi @Yatin Gera ,

"Is your use case where multiple users can log in from the same browser on the same machine? "

yes, this is the case. Can I use some property in rcsdk.login or rcsdk.loginWindow to not store cookie in pop up?

0 Likes 0 ·

1 Answer

Yatin Gera avatar image
Yatin Gera Deactivated answered Yatin Gera Deactivated commented

When you log in using OAuth, the session cookies are stored in the browser when you are redirected to the RingCentral auth page and successfully log in.
There is also your use case where multiple users might be using the same machine and browser instance to log into the app where the cookies will not be deleted by default.
From what I know, the SDK does not have such an option to force deleting the cookies.

There are 2 things you can do that I can think of right now

1. Make sure the logged-in user closes the browser after login. Closing the browser instance after they are done working should (from what I know) clear the cookies. That being said, this is a manual task

2. You might want to implement your own loginWindow This function will be exactly what the SDK does with the addition of clearing the cookies before closing the browser.
What that means is that your loginWindow method should be exactly like https://github.com/ringcentral/ringcentral-js/blob/3f0fbee8e5a31bca9e43a9f6fa7470fbfaf92b49/sdk/src/platform/Platform.ts#L348 with the addition of clear cookie at line 394

These are the 2 suggestions that I have right now. Maybe anyone else reading this could add more to it if they are aware of it

If you find this. helpful, kindly accept the answer for others to find it useful

2 comments
1 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Polina Zubova avatar image Polina Zubova commented ·

Will try, thanks

1 Like 1 ·
Yatin Gera avatar image Yatin Gera ♦♦ Polina Zubova commented ·

No worries!
If the cleaning cookies option works, it would be great if you could share your findings here for the larger audience
Cheers

0 Likes 0 ·

Developer sandbox tools

Using the RingCentral Phone for Desktop, you can dial or receive test calls, send and receive test SMS or Fax messages in your sandbox environment.

Download RingCentral Phone for Desktop:

Tip: switch to the "sandbox mode" before logging in the app:

  • On MacOS: press "fn + command + f2" keys
  • On Windows: press "Ctrl + F2" keys