-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Andrew Garrett wrote:
On Fri, Apr 11, 2008 at 9:48 AM, Brion Vibber brion@wikimedia.org wrote:
Logging out:
Currently, logout only clears your global session cookies; it doesn't clear local session state. You log in once, but you may have to log out many times.
This was previously done by NOT setting local cookies on every single wiki that you're automatically authenticated on.
Which means it doesn't set up a local session or update your cache timestamp, which means you see various uncached settings and your first edit fails. :)
These are bad, hence my fix.
Using the AutoAuthenticate hook is sufficient to stay logged-in on every wiki (although, admittedly, it's a bit nasty on the DB servers, so, depending on how much of a bottleneck that becomes, I may store the global sessions in memcached). So, the idea is, when you log out, it'll unset the global cookies, and there'll be nothing to say you're logged into that wiki, so you're logged out.
Plus you still had local cookies whereever you explicitly logged in.
- -- brion vibber (brion @ wikimedia.org)