Programming Phoenix logs a user out with
configure_session(drop: true)
Phoenix in Action logs a user out with
|> clear_session()
|> configure_session(drop: true)
Clear session:
Clears the entire session.
This function removes every key from the session, clearing the session.
Note that, even if clear_session/1 is used, the session is still sent to the client. If the session should be effectively dropped , configure_session/2 should be used with the :drop option set to true .
So just wondering why are both being used?
Thank you
Clear session makes sure plugs later in the pipeline of the current request can no longer read the values currently in the session. Dropping the session just makes sure the session is dropped for the response sent back, but doesnāt touch current session values.
1 Like
Iām not sure if this is still an issue today but I remember not being able to see Flash messages when logging out using configure_session(conn, drop: true). Thatās based on going through the book maybe 8 months ago.
To get around that I ended up changing that to be delete_session(conn, :user_id).
1 Like
Does that mean that the key value pairs will remain available on the next request or when āthe session is dropped for the response sent backā that means it effectively gets deleted and only current request will still be able to read the pairs?
