When I logout somehow backend still manage to get current_user.

[Bhalani]

When we login Frontend store three cookies.

1. user
2. auth_data
3. _chatwoot_session

That way Frontend manager session to authenticate with backend.

Now when we logout from frontend, dashboard controller still manager to get current_user.
Investigation end with cookies kept after logout, those cookies are user.id user.expired_at and _chatwoot_session.
Now I tried two ways.

1. I trigger sign_out user from controller
2. Delete those cookies manually from browser.

Sorry for Sounding little non-tech 🙏

If I don't any of those two step backend think that the session still alive. while it should be cleared out.

What I want to understand is why we are keeping that three keys in cookie after logout?
The cookie key user.id and user.expires_at being generated when I try to access a custom controller.
The key _chatwoot_session kept after logout. Is that needed? if so what is the purpose?
Does that means backend somehow still have session/cookie for current_user?

How can I have both frontend and backend on same state of session?

Any help is appreciated 🙏

[Bhalani]

What I'm trying to achieve here is add a custom page before user land on the chat login page.
Now that custom page is in Rails view and using controller action for that.

The issue I'm facing is somehow after logout from chatwoot Vuejs side, it's still log in when I access the controller that extends DeviseTokenAuth::Concerns::SetUserByToken didn't get the session over or cookies cleared on the backend side.

How do you guys handle custom pages that are added on top of current Chatwoot implementation?

Please help to get further in this amazing open source chat application.

@pranavrajs @sojan-official @nithindavid @sony-mathew @sivin-git