- Member | 443
It says that after 20 minutes of inactivity will be user logged out and if that flag is set, also delete identity of that user.
In basic, user who is logged has identity (id, name, email, etc..) in session. This user has ‘authenticated’ role and other roles which you give him.
When user is logged out, then identity stays untouched, but all roles change
If you want to remove an identity, then you must clear it manually, when user logout ($this->user->logout(true));
Or after expiration automatically (IUserStorage::setExpiration(IUserStorage::CLEAR_IDENTITY))
Last edited by Polki (2021-07-31 12:33)