Problem/Motivation
The multi_domain_login_user_logout() fails to execute the removal of the sessions on the rest of the domains where a login has been executed
Steps to reproduce
1. login in one site that does login in the other domains and confirm a session is opened in the others
2. do login in one of the site
3. refresh the session in any other domain, the session is still open while it should be closed
Proposed resolution
the current code is:
/**
* Implements hook_user_logout().
*/
function multi_domain_login_user_logout($account) {
$languageManager = \Drupal::languageManager();
$current_route = \Drupal::routeMatch()->getRouteName();
if ($languageManager && $languageManager->isMultilingual()) {
if (!in_array($current_route, ['multi_domain_login.login'])) {
/** @var \Drupal\Core\Session\SessionManagerInterface $sessionManager */
$sessionManager = \Drupal::service('session_manager');
$sessionManager->delete($account->id());
}
}
}
where i believe in sites that are not multilingual, the code after the first if is not executed (i have checked in my setup and that is the case, not executed).
I have fixed that in a custom module creating my own implementation of hook_user_logout() to look like:
/**
* Implements hook_user_logout().
*/
function mymodule_user_logout($account) {
$current_route = \Drupal::routeMatch()->getRouteName();
if (!in_array($current_route, ['multi_domain_login.login'])) {
/** @var \Drupal\Core\Session\SessionManagerInterface $sessionManager */
$sessionManager = \Drupal::service('session_manager');
$sessionManager->delete($account->id());
}
}
This function causes that (3) exeutes successfully the logout in the rest of the sessions.
Best