Disconnect Google account when exiting the site

  • Resolved tecnicaweb

    (@tecnicaweb)


    3 years, 2 months ago

    Based on all the tests I have done, when one logs into the WP site using the Google account, the Google account itself is also set as connected.
    So if one logs in, then exits the WP site and leaves, anyone using that device can access all emails and google account data.
    This is a very problematic thing for shared devices.
    Is it possible in some way to avoid this?
    Closing the Google account when you leave the site, or using Google only to authorize the account.
    Is there any setting in the plugin, or in the settings in the Google console?
    Note: on this site, registrations are closed, only users already entered can access, and only with accounts of the same domain as the site.
    Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Laszlo

    (@laszloszalvak)

    Hi @tecnicaweb

    Nextend Social Login only handles the login and registration to your site with the selected social media account. The logout it self is handled by WordPress and that will log you out only from the WordPress site. (Also some plugins and themes handle the logout in their own way.)

    If someone also wants to logout from the social media account and not only from the WordPress site, then the person needs to visit the official page of the given provider and should log out there, so the session will be destroyed.

    As for shared devices:
    If the security matters for someone, then on a shared device people should always use private browsing ( e.g. Google Chrome – Incognito mode ) since with that, the login cookies and browser history would also be deleted when the browser is closed, which would make the users being logged out from the accounts that they used during private browsing.
    Or if a person doesn’t use private browsing, then they should at least clear their browser data: https://support.google.com/chrome/answer/2392709?hl=en&co=GENIE.Platform%3DDesktop

    Anyways if you really want to log the user out from a given social media account, then you could redirect the users to a logout url of a given provider when you log the user out of their WordPress accounts. For this you will need to do custom coding that we can not provide support for.

    Best regards,
    Laszlo.

    • This reply was modified 3 years, 2 months ago by Laszlo.
    • This reply was modified 3 years, 2 months ago by Laszlo.
    Thread Starter tecnicaweb

    (@tecnicaweb)

    Thanks for the very complete answer.
    In my case I will recommend to users the use of Private browsing, and I will set up a redirect on exit to the social provider.
    Thank you again

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Disconnect Google account when exiting the site’ is closed to new replies.