LiveChat: Showing registration form after ending the chat #9142
Comments
|
I agree this is an issue for shared/public computers, but for the majority use case (personal computers) I think showing the registration form again is bad UX.. since we cannot guess if the visitor is on a shared or personal computer, do you think having a setting which when enabled will force the visitor to register itself again always is good enough? |
|
Strongly agree that it would be a bad UX showing registration form on every chat session end. I would suggest two things for that
Other than that, I tried deleting keys in localStorage as described in #8097 and reloading the iframe with no luck. If you have any suggestions to implement, I may work on my first PR ;) Thank you |
|
@arikusu the snippet from #8097 does not looks it may work.. as a workaround you should try If you want to implement a real solution though I suggest you to log out the user by calling after #9048 is merged you will not be able to log out the user because it will not be a real user.. but this means it will be easier to implement =) |
|
This feature was added in RocketChat/Rocket.Chat.Livechat#666 So I'll be closing this. Thanks! |
Description:
Currently, when a guest user tries to end the chat, livechat:closeByVisitor closes the room only.
In shared / public computers, this results in a security risk, since the initial guest user is not destroyed (or logged out), the new comer impersonates the first user and can open a new session/room with the initial user's registration information.
We would need a way to "logout" the guest user and reload the registration form.
Server Setup Information:
Steps to Reproduce:
Expected behavior:
Close the session for the guest user and show the new registration form.
Actual behavior:
A new user can continue to chat with the first user's registration information / token etc.
The text was updated successfully, but these errors were encountered: