
Using netlifyIdentity.logout() does not clear the nf_jwt cookie. Site can still be accessed until cookie expiration. #502

Open
@FODS-LLC


Thank you for all the work you have put into building this identity tool. I have an observation about the netlifyIdentity.logout() function that I believe is a bug.

After logging in to the application using the widget, I end up with a cookie labeled nf_jwt and an entry in localStorage called gotrue.user, and I can access the pages requiring permissions.

When I log out using the netlifyIdentity.logout() function, the localStorage entry is cleared, but the cookie persists. I am able to navigate back to the protected pages.

I'm not sure if it is better to set the cookie expiration to a past time or delete the cookie on logout, but both seem to work for me.
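
The workaround described in the report above, as an added example that is not part of the original issue or the widget's own code: it expires nf_jwt from the widget's `logout` event and re-reads the cookie to confirm removal. The helper names (`expiredCookie`, `hasCookie`, `clearSessionCookie`, `fakeDocument`) are hypothetical, and it assumes the cookie is visible to script and was set with Path=/.

```javascript
// Added example, not from the issue or the widget's source.
// Assumes nf_jwt is script-visible (not HttpOnly) and was set with Path=/.
const COOKIE_NAME = 'nf_jwt';

// Browsers drop a cookie only when name, Path and Domain match the original.
function expiredCookie(name, { path = '/', domain } = {}) {
  const parts = [`${name}=`, 'Expires=Thu, 01 Jan 1970 00:00:00 GMT', 'Max-Age=0', `Path=${path}`];
  if (domain) parts.push(`Domain=${domain}`);
  return parts.join('; ');
}

// True if the named cookie appears in a document.cookie style string.
function hasCookie(cookieString, name) {
  return cookieString.split(';').some((c) => c.trim().startsWith(`${name}=`));
}

// Expire the cookie, then re-read to confirm it is gone (false = attribute mismatch).
function clearSessionCookie(doc, name = COOKIE_NAME, opts = {}) {
  doc.cookie = expiredCookie(name, opts);
  return !hasCookie(doc.cookie, name);
}

// Constructed stand-in for document.cookie (jar keyed by name and path) for use in Node.
function fakeDocument(initial) {
  const jar = new Map(initial.map((c) => [`${c.name}|${c.path}`, c.value]));
  return {
    get cookie() {
      return [...jar].map(([k, v]) => `${k.split('|')[0]}=${v}`).join('; ');
    },
    set cookie(str) {
      const [pair, ...attrs] = str.split(';').map((s) => s.trim());
      const i = pair.indexOf('=');
      const name = pair.slice(0, i);
      const path = (attrs.find((a) => a.startsWith('Path=')) || 'Path=/').slice(5);
      if (attrs.includes('Max-Age=0')) jar.delete(`${name}|${path}`);
      else jar.set(`${name}|${path}`, pair.slice(i + 1));
    },
  };
}

// Browser wiring: run the cleanup whenever the Identity widget reports a logout.
if (typeof window !== 'undefined' && window.netlifyIdentity) {
  window.netlifyIdentity.on('logout', () => {
    if (!clearSessionCookie(document)) console.warn('nf_jwt still set after logout; check Path/Domain');
  });
}
```

Expiring the cookie only removes the browser's copy; it does not invalidate the token itself.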
