Authenticate example: the client ws connection is not terminated on logout?

[AoDev]

• I've searched for any related issues and avoided creating a duplicate
  issue.

Description

I have been playing with the example express-session-parse to get familiar with ws.

In the demo, when logging out the user, it is still possible for him to send and receive messages from ws. Is this on purpose for the demo or just forgotten?
I would expect the user to be completely cut from any interaction with the websocket server.

Steps to reproduce:

• run the example, login, send message, logout, still can send message.

Expected result:

• It's not really a bug but the example is a bit confusing for a newcomer, so I guess I'd like the example to be clearer. Should one close the client connection or do something else?

Attachments:

After logout, I can still communicate with the server.

[lpinca]

Yes, "Simulate logout" only destroy the HTTP session. The WebSocket connection is persistent so the client is authenticated until disconnected.

I will update the example so that the WebSocket connection is closed on logout.

[AoDev]

Thank you :)

…

On Sat, Oct 19, 2019, 15:47 Luigi Pinca ***@***.***> wrote: Closed #1653 <#1653> via a6c4238 <a6c4238> . — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#1653?email_source=notifications&email_token=AALUTBXC5VAWN6KZ4UFKRRLQPMFV3A5CNFSM4JCPPEIKYY3PNVWWK3TUL52HS4DFWZEXG43VMVCXMZLOORHG65DJMZUWGYLUNFXW5KTDN5WW2ZLOORPWSZGOUKF5UUI#event-2727074385>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AALUTBTYQV7FOPL22MZVMM3QPMFV3ANCNFSM4JCPPEIA> .