aws-amplify
Flutter Web AmplifyAuthCognito SignOut not working
Description
Signing out with AmplifyAuthCognito signOut() does not sign out the current user.
Works fine on Android, but does not work on the web :(
Feels like the redirect happens before the tokens have been cleared by the plugin in the browser, but that's just a guess.
Categories
- [ ] Analytics
- [ ] API (REST)
- [ ] API (GraphQL)
- [X] Auth
- [ ] Authenticator
- [ ] DataStore
- [ ] Notifications (Push)
- [ ] Storage
Steps to Reproduce
- Build a simple Flutter Web App and add
AmplifyAuthCognito - Use
signInWithWebUI()to sign in - Use
signOut()to sign out
User is not signed out, entries in index db are not deleted.
dependencies:
flutter:
sdk: flutter
# The following adds the Cupertino Icons font to your application.
# Use with the CupertinoIcons class for iOS style icons.
cupertino_icons: ^1.0.6
adaptive_theme: ^3.6.0
flutter_native_splash: ^2.4.0
flutter_launcher_icons: ^0.13.1
get_it: ^7.6.7
go_router: ^13.2.2
signals: ^5.0.0
amplify_api: ^1.7.0
amplify_auth_cognito: ^1.7.0
amplify_authenticator: ^1.5.4
amplify_flutter: ^1.7.0
shared_preferences: ^2.2.2
loader_overlay: ^4.0.0
responsive_framework: ^1.4.0
graphql: ^5.2.0-beta.7
dev_dependencies:
flutter_test:
sdk: flutter
Flutter 3.19.5 • channel stable • https://github.com/flutter/flutter.git
Framework • revision 300451adae (3 weeks ago) • 2024-03-27 21:54:07 -0500
Engine • revision e76c956498
Tools • Dart 3.3.3 • DevTools 2.31.1
Doctor summary (to see all details, run flutter doctor -v):
[√] Flutter (Channel stable, 3.19.5, on Microsoft Windows [Version 10.0.22631.3447], locale en-NZ)
[√] Windows Version (Installed version of Windows is version 10 or higher)
[√] Android toolchain - develop for Android devices (Android SDK version 34.0.0)
[√] Chrome - develop for the web
[X] Visual Studio - develop Windows apps
X Visual Studio not installed; this is necessary to develop Windows apps.
Download at https://visualstudio.microsoft.com/downloads/.
Please install the "Desktop development with C++" workload, including all of its default components
[√] Android Studio (version 2023.2)
[√] VS Code (version 1.88.0)
[√] Connected device (4 available)
[√] Network resources
Screenshots
Platforms
- [ ] iOS
- [ ] Android
- [X] Web
- [ ] macOS
- [ ] Windows
- [ ] Linux
Flutter Version
3.19.5
Amplify Flutter Version
1.7.0
Deployment Method
Amplify CLI
Schema
No response
@BerndWessels Thank you for reporting the issue. I've attempted to replicate the problem using the steps you provided, but I was unable to reproduce the issue. Please note that IndexedDB in the developer tools does not automatically refresh. After signing out, please manually refresh the IndexedDB view using the refresh button to check if the credential still exists. Additionally, could you provide the code snippets for the signIn and signOut functions?
@NikaHsn Thanks for your response. Here is my project to reproduce the issue https://github.com/BerndWessels/amplify_auth_issue
Just edit the amplifyconfiguration_web.dart with your own values, then
- run
- sign in
- onces signed in press the little face icon on the right in the app bar to sign out
when I sign out, it reloads the webpage but the user is not signed out :(
Hope this will let you reproduce the issue, thanks.
Hi @BerndWessels, thank you for providing your project. We will take a look when we get the chance and get back to you with any updates.
Same Error, on ANDROID
Runing Flutter on MacOs
Flutter (Channel stable, 3.19.6, on macOS 14.4.1 23E224 darwin-arm64, locale es-CO) • Flutter version 3.19.6 on channel stable at /Users/jmontes/flutter • Upstream repository https://github.com/flutter/flutter.git • Framework revision 54e66469a9 (9 days ago), 2024-04-17 13:08:03 -0700 • Engine revision c4cd48e186 • Dart version 3.3.4 • DevTools version 2.31.1
Pubspec
dependencies:
flutter:
sdk: flutter
flutter_localizations:
sdk: flutter # Add this line
intl: ^0.18.1
# The following adds the Cupertino Icons font to your application.
# Use with the CupertinoIcons class for iOS style icons.
cupertino_icons: ^1.0.2
flutter_form_builder: ^9.0.0
form_builder_validators: ^9.0.0
form_builder_image_picker: ^4.0.0
flutter_pw_validator: ^1.4.2
sleek_circular_slider: ^2.0.1
flutter_circular_text: ^0.3.1
footer: ^0.0.4
settings_ui: 2.0.2
provider: ^6.0.5
get_it: ^7.3.0
get: ^4.6.5
localization: ^2.1.0
amplify_api: ^1.8.0
amplify_api_dart: ^0.4.0
amplify_auth_cognito: ^1.8.0
amplify_authenticator: ^1.6.0
amplify_analytics_pinpoint: ^1.8.0
amplify_datastore: ^1.8.0
amplify_datastore_plugin_interface: ^1.8.0
amplify_flutter: ^1.8.0
amplify_storage_s3: ^1.8.0
aws_common: ^0.6.4
@jamontesg thanks for letting us know.
We will attempt to reproduce the original issue with the provided sample app.
@BerndWessels - In your application the user is signed out. However, the application calls signInWithWebUI after sign out, which signs the user back in. Since the user is still authenticated with Google in their browser, they do not need to re-authenticate.
If you sign out of the application, then sign out of google in the browser (can be done from the top right in Chrome or by navigating to google.com in a new tab if not using chrome), then sign call signInWithWebUI() again, the user will have to re-authenticate with google.
I recommend not calling signInWithWebUI immediately when the app loads. Instead I recommend calling it after a user taps a button. Calling it automatically will lead to some confusing UX scenarios.
There is an open feature request to always show the account chooser screen after logout and login. I am not sure if you were expecting this screen to show again on the 2nd sign in attempt.
Let me know if you have other questions.
@BerndWessels I am going to close this out. If you have other questions please open a new issue. Thanks.