# Admin UI, logout doesn't actually logout

spiral pier

When logging out, the cookie still persists and on refresh I'm back in. Notably, the API request to the logout endpoint has a 400 status. There are weird things happening, like not being authorized to delete rows from collections as well.
I'd appreciate any help.

spiral pier

Nvm I am dumb, I had csrf enabled

weak musk BOT

You do not have permission to mark this thread as solved. Only thread creators, contributors and payload team members can mark a thread as solved.

thick lagoon
spiral pier
(in reply to thick lagoon: "Why should logging out not work if you have CSRF enabled? I have the same issue....")

In my case I ran my dev env on localhost (3000 for backend, 5173 for frontend), and my auth cookies were named the same on the frontend as the backend. So when I wanted to log out on port 3000, my 5173 still had the cookie, so the Admin UI was always just taking the frontend cookie because I had whitelisted the frontend in my CSRF config for Payload. At least in my limited knowledge I think that's what happened.
