What does IUserStorage::CLEAR_IDENTITY do?

It says that after 20 minutes of inactivity will be user logged out and if that flag is set, also delete identity of that user.

In basic, user who is logged has identity (id, name, email, etc..) in session. This user has ‘authenticated’ role and other roles which you give him.

When user is logged out, then identity stays untouched, but all roles change to ‘guest’.
If you want to remove an identity, then you must clear it manually, when user logout ($this->user->logout(true));
Or after expiration automatically (IUserStorage::setExpiration(IUserStorage::CLEAR_IDENTITY))

see doc

Last edited by Polki (2021-07-31 12:33)