How to remove cbtid cookie from browser?

#1

Hi Folks

How do I destroy a cbtid cookie when a client leaves a session?

I’ve recently started using cookie auth on my crossbar router to allow web browser wamp clients to reconnect after reload without having to re-authenticate. This works very well thanks to the cbtid cookie being sent to the browser on the connection handshake (as far as I understand it). What I’m wondering is how do I remove this cookie when the browser leaves the session? Since the cookie is registered with the domain-name of the wamp router, and my client scripts are served from another host, I cannot handle the removal in my scripts (again, as far as I understand it). Is there a setting/hook on the router or something I can use to handle this?

Thanks!
Colin

0 Likes

#2

I’ve managed to find the documentation for what I’m looking for. For future reference, the ticket will be invalidated (the cookie will be destroyed) if you send ‘wamp.close.logout’ as your reason for leaving the session.

Cheers!
Colin

http://crossbar.io/docs/Ticket-Authentication/

···

On Wednesday, September 21, 2016 at 4:36:29 PM UTC-7, Colin Ligertwood wrote:

Hi Folks

How do I destroy a cbtid cookie when a client leaves a session?

I’ve recently started using cookie auth on my crossbar router to allow web browser wamp clients to reconnect after reload without having to re-authenticate. This works very well thanks to the cbtid cookie being sent to the browser on the connection handshake (as far as I understand it). What I’m wondering is how do I remove this cookie when the browser leaves the session? Since the cookie is registered with the domain-name of the wamp router, and my client scripts are served from another host, I cannot handle the removal in my scripts (again, as far as I understand it). Is there a setting/hook on the router or something I can use to handle this?

Thanks!
Colin

0 Likes