Problem Summary
Users remain logged in even after logging out and refreshing the page, likely due to JWT tokens not being properly removed from local storage.
Description
When a user attempts to log out of the application, the expected behavior is for their session to be completely terminated on the client side. However, it appears that the JWT, which is stored in local storage to manage session state, is not being correctly removed. This issue allows users to still access their session if they refresh the page after attempting to log out.
Steps to Reproduce
- Log into the application with valid credentials.
- Click on the logout button to terminate the session.
- Refresh the browser.
- Notice that the user session is still active and the user is not redirected to the login page.
Expected Behavior
- Upon clicking the logout button, the application should clear all session information, including the JWT stored in local storage.
- After logging out, refreshing the page should redirect the user back to the login page, indicating a complete termination of the session.
Potential Causes
- The logout function may not be executing the command to remove the JWT from local storage, or the command might fail to execute properly.
- There could be an issue with how the state is being managed in the application, preventing the proper updating of the user's authentication status.
Problem Summary
Users remain logged in even after logging out and refreshing the page, likely due to JWT tokens not being properly removed from local storage.
Description
When a user attempts to log out of the application, the expected behavior is for their session to be completely terminated on the client side. However, it appears that the JWT, which is stored in local storage to manage session state, is not being correctly removed. This issue allows users to still access their session if they refresh the page after attempting to log out.
Steps to Reproduce
Expected Behavior
Potential Causes