diff --git a/backend/areas/auth/auth.py b/backend/areas/auth/auth.py
index c972752e623746a72a4f9225dde914cdf2f3da3f..5ea14d93a7721ac74bd976a2c3698df8f1b1b434 100644
--- a/backend/areas/auth/auth.py
+++ b/backend/areas/auth/auth.py
@@ -36,8 +36,10 @@ def hydra_callback():
 if i["traits"]["email"] == user_info["email"]:
 identity = i
+ # Short lifetime for token. If the session is still active, it will be
+ # automatically renewed via Hydra.
 access_token = create_access_token(
- identity=token, expires_delta=timedelta(days=365), additional_claims={"user_id": identity["id"]}
+ identity=token, expires_delta=timedelta(hours=1), additional_claims={"user_id": identity["id"]}
 )
 apps = App.query.all()
diff --git a/backend/web/login/login.py b/backend/web/login/login.py
index e285572165ef9abb04f69910e1b14a1c3b0d9138..e03b03ed3f07a347a40897f4b49aa0e485cb0647 100644
--- a/backend/web/login/login.py
+++ b/backend/web/login/login.py
@@ -580,7 +580,8 @@ def logout():
 if not kratos_cookie:
 # No kratos cookie, already logged out
 current_app.logger.info("Expected kratos cookie but not found. Redirecting to login");
- return redirect("login")
+ return render_template("clear.html",
+ url="login")
 try:
 # Create a Logout URL for Browsers
@@ -592,7 +593,8 @@ def logout():
 current_app.logger.error("Exception when calling"
 " create_self_service_logout_flow_url_for_browsers: %s\n", ex)
- return redirect(kratos_api_response.logout_url)
+ return render_template("clear.html",
+ url=kratos_api_response.logout_url)
 if DEMO_INSTANCE:
diff --git a/backend/web/templates/clear.html b/backend/web/templates/clear.html
new file mode 100644
index 0000000000000000000000000000000000000000..c1a37ddbc0c3462c3173dc5c02a4e80a392b1655
--- /dev/null
+++ b/backend/web/templates/clear.html
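Review bot: The new comment above `create_access_token(` should also record that tokens issued before this change keep their 365-day expiry, because `expires_delta=timedelta(hours=1)` only applies to tokens minted from now on and nothing in this hunk revokes the older ones. Suggested addition: `# NOTE: tokens issued earlier still carry the 365-day expiry; rotate the signing key if they must stop working.` The context lines also appear to leave `identity` without a match when no entry equals `user_info["email"]`, in which case `identity["id"]` would fail, though the loop and the rest of hydra_callback lie outside the hunk.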
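Review bot: Both `return render_template("clear.html", ...)` statements in logout() (the hunk at -580 and the one at -592) replace an HTTP redirect with a page whose script performs the redirect, and neither says why. A short comment on each return, such as `# Render clear.html so the browser clears its local storage before being redirected.`, would keep a later cleanup from reverting to `redirect(...)`. The response is now a 200 HTML page rather than a 3xx, so any caller or test that checks the redirect status needs updating. logout() starts and ends outside both hunks.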
@@ -0,0 +1,14 @@
+{% extends 'base.html' %}
+
+{% block content %}
+
+<script>
+ // Wipe the local storage
+ localStorage.removeItem("persist:root");
+ // Redirect
+ window.location = '{{ url }}';
+</script>
+
+Redirecting ...
+
+{% endblock %}
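Review bot: `window.location = '{{ url }}';` puts the value inside a JavaScript string, but the template engine's autoescaping (assuming Flask's default for .html templates) applies HTML escaping, which is the wrong encoding for a script context. An `&` in the URL is emitted as `&amp;`, which is not decoded inside `<script>`, so a logout URL with more than one query parameter would be corrupted. Use `window.location = {{ url|tojson }};` so the value is serialised as a JavaScript string literal. Since the server no longer sends an HTTP redirect, a `<noscript>` link to the same URL next to "Redirecting ..." would keep logout working when scripts are blocked.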