7c7792f92a
This is more correct and may reduce the likelihood of perpetuating a bad mixed-auth state. In general, we should probably be modifying session and JWT cookies in sync at all times, never individually. This specific code probably won't make anything worse, but a clean reset might improve user experience in the rare cases where someone somehow gets their browser into a weird state. - Switch from `response.set_cookie` with past expiry to just using the `response.delete_cookie` method. - Docstring improvements. ref: ARCHBOM-2030 (internal)
Status: Maintenance Responsibilities ================ The ``user_authn`` app contains user authentication related features such as login, registration, and credential management. Direction: Extract ================== Ideally this would be in its own service, but at this point, LMS is the home of all authentication related features. At this time, these features are still plugged into Studio. Future clean-up in Studio is intended to make this an LMS only feature. Glossary ======== More Documentation ==================