hello icon indicating copy to clipboard operation
hello copied to clipboard
verified publisher icon 0dataapp

Solid authenication doesn't work between examples

Open NoelDeMartin opened this issue 4 years ago • 7 comments

As noticed by @bourgeoa, when you log into one of the Solid examples, you can't use the other ones without logging out first.

I'm not sure there's an easy way to solve this problem without complicating in excess, but at least we can have this issue open in case someone stumbles upon the problem.

NoelDeMartin avatar Dec 19 '21 07:12 NoelDeMartin

Interesting. If there's a simple explanation for why, I'd be curious to know.

rosano avatar Dec 19 '21 14:12 rosano

I think the explanation is that the authentication library stores data under localStorage, and given that the applications are run on the same domain (hello.0data.app, localhost:3000, etc.), the storage is shared so it thinks that you're logged in and takes you back to the original url you logged in from (hello.0data.app/solid/solid-rest-api, localhost:3000/solid/solid-rest-api, etc.). It's generally a bad idea to serve multiple apps from the same domain (I've made that mistake myself), but for this examples it may be overkill to have a subdomain per each one

NoelDeMartin avatar Dec 19 '21 17:12 NoelDeMartin

Ok, I misunderstood it as the opposite… After logging in with the REST example and viewing solid-file-client, it 'automatically presents the data from my account'—I actually like this and would consider it a feature as it demonstrates fluidity despite using different approaches.

rosano avatar Dec 19 '21 18:12 rosano

I actually like this and would consider it a feature as it demonstrates fluidity despite using different approaches.

I'm not sure if we're still understanding each other. When you log into the REST API example, if you then try to use the solid-file-client example you'll be redirected to your identity provider and then back to the REST API example. So you won't be able to use the solid-file-client example without logging out from the REST API first, and the problem is that since the UI is the same maybe you don't even notice.

Given that this is targeted to developers understanding the code, and possibly tinkering with it, I think that's a problem.

NoelDeMartin avatar Dec 20 '21 06:12 NoelDeMartin

Could we try to automatically logout when leaving a solid page app ?

bourgeoa avatar Dec 20 '21 14:12 bourgeoa

I'm not sure if we're still understanding each other. When you log into the REST API example, if you then try to use the solid-file-client example you'll be redirected to your identity provider and then back to the REST API example. So you won't be able to use the solid-file-client example without logging out from the REST API first, and the problem is that since the UI is the same maybe you don't even notice.

Whoops, that's exactly what happened! Nevermind what I said.

rosano avatar Dec 20 '21 16:12 rosano