X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/1b770bea3fd5b5dfb4e75237218db204139d9189..42d39cc02b30d33057911255ca62a6ee068105d6:/doc/bugs/logout_in_ikiwiki.mdwn

diff --git a/doc/bugs/logout_in_ikiwiki.mdwn b/doc/bugs/logout_in_ikiwiki.mdwn
index ad89f4c2d..d9b6df677 100644
--- a/doc/bugs/logout_in_ikiwiki.mdwn
+++ b/doc/bugs/logout_in_ikiwiki.mdwn
@@ -1 +1,31 @@
 It looks like there is no way to logout of ikiwiki at present, meaning that if you edit the ikiwiki in, say, a cybercafe, the cookie remains... is there some other security mechanism in place that can check for authorization, or should I hack in a logout routine into ikiwiki.cgi?
+
+> Click on "Preferences". There is a logout button there. --liw
+
+> It would be nice if it were not buried there, but putting it on the
+> action bar statically would be confusing. The best approach might be to
+> use javascript. --[[Joey]] 
+
+
+>> I agree that javascript seems to be a solution, but my brain falls 
+>> off the end of the world while looking at ways to manipulate the DOM. 
+>> (I'd argue also in favor of the openid_provider cookie expiring 
+>>  in less time than it does now, and being session based)
+
+>>> (The `openid_provider` cookie is purely a convenience cookie to
+>>> auto-select the user's openid provider the next time they log
+>>> in. As such, it cannot be a session cookie. It does not provide any
+>>> personally-identifying information so it should not really matter 
+>>> when it expires.) --[[Joey]]
+
+>> It would be nice to move navigational elements to the upper right corner 
+>> of the page...
+
+>> I have two kinds of pages (wiki and blog), and three classes of users  
+
+>> anonymous users - display things like login, help, and recentchanges,
+
+>> non-admin users - on a per subdir basis (blog and !blog) display 
+>> logout, help, recentchanges, edit, comment 
+
+>> admin users - logout, help, recentchanges, edit, comment, etc