User is still logged in after logging out

diggy · September 30, 2019, 6:02pm

Moved from GitHub ratel/127

Posted by danielmai:

Queries still succeed as the logged in user even after clicking the log out button.

Steps to reproduce:

Run Dgraph cluster with ACLs enabled.
Create a user and group with read permissions for a particular predicate.
Log in as that user.
Run query for that predicate. The query should be authorized and succeed.
Log out.
Run the same query. The query succeeds, but it should fail since no one is logged in.

Additional notes:

A “log out” works if I log out and then click the Refresh button of the web browser.

Topic		Replies	Views
ACL incorrectly creates ACL users Ratel kind:bug , ratel , priority:p0	2	537	July 11, 2020
Dgraph v25.0.0-preview1 Dgraph	0	32	April 18, 2025
ACL Account error Ratel enterprise , kind:question	20	2099	May 15, 2023
Dgraph Security Control Dgraph	4	357	March 23, 2023
Ratel unable to connect dgraph server ACL user password error Ratel	13	3092	April 25, 2020