Simple OAuth Logout
13 sites
No security coverage
This module adds a logout endpoint that revokes an OAuth token and also logs the user out of all their sessions. It's a drastic measure intended to ensure a complete logout until more granular session management is available.
About
Module that adds the /oauth/logout endpoint. It works like /oauth/revoke but also deletes all sessions from the user of the given token.
This is very drastic, as the user is logged out everywhere, but there is currently no alternative. What we need first is that simple_oauth stores the session id per access token. Once that is the case, we can be more surgically precise.