Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Single Sign Off - CodeIgniter - Embed

I've managed to rewrite the jsConnectPHP files from GitHub to work for a Seamless Embed SSO method in CodeIgniter. All works great. I plan on sharing my experience by doing a fork on GitHub... but first, the last remaining part of this is enabling SS Off.

To be clear, when I log out of my website I want to also be logged out of vanilla automagically.

In my logout function, I've tried deleting the cookies (CI code):

        $cname = "Vanilla-Vv";
        // replace text http:// and https://  in base_url
        $sReplace = array('http://','https://');
        $domain = str_replace($sReplace, '', base_url());
        $domain = str_replace("/", "", $domain);
        $path = "/";
        $prefix = "";

        delete_cookie($cname, $domain, $path, $prefix);

        $cname = "Vanilla";
        delete_cookie($cname, $domain, $path, $prefix);

        $cname = "Vanilla-Volatile";
        delete_cookie($cname, $domain, $path, $prefix);

It appears as if the cookies are just being remade rightaway. Anyway, does anyone know the proper way of doing a logoff in this situation?

Vanilla 2.3
jsConnect 1.5.3
Vanilla jsConnect Auto SignIn 0.1.8b
CodeIgniter 3.1.4

TIA, Donovan


  • Options

    FYI, the solution I came up with here was to grab the TransientKey from the GDN_User table at the main site, then first hit Vanilla's signout URL with the target paramater filled in to be the signout of the website.

    So, the user is first signed out of Vanilla, then Vanilla redirects to sign the user out of the website. It seems to work for my specific situation. Deleting vanilla cookies did nothing.

Sign In or Register to comment.