Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Q&A

Welcome to Codidact Meta!

Codidact Meta is the meta-discussion site for the Codidact community network and the Codidact software. Whether you have bug reports or feature requests, support questions or rule discussions that touch the whole network – this is the site for you.

Comments on Signing in should sign you in on all sites

Parent

Signing in should sign you in on all sites

+14
−1

It looks to me like the session cookie that holds one's user session credentials is currently bound to the specific site.

The result of this is that you need to sign in separately to, say, Scientific Speculation and Codidact Meta.

If that is correct, then if the cookie was set to apply to all subdomains of codidact.com instead of simply the one the user signs in to, switching between sites wouldn't require signing in separately on each.

Either way, I'd like to not need to sign in separately on each site under codidact.com.

Similarly, signing out should sign you out of all sites, not just the one where you click "sign out".

History
Why does this post require attention from curators or moderators?
You might want to add some details to your flag.
Why should this post be closed?

0 comment threads

Post
+2
−2

Spontaneously, I'd yell "I like this feature too!". Until I start to ponder a bit deeper.

Here's the catch: please keep in mind that people may wish to use different accounts for different sites.

For example: someone might want to use their professional public self on the main programming site, but use a private alias on the "for fun" code golf site. Similarly, it is also likely that there are several real persons using the same computer, not necessarily with their own private OS login which would have helped separating web browser cookies.

Setups like above are possible on Stack Exchange, but it was always a pain in the neck to get right, because of cookies keeping track of your log-in. This was a real problem for me there:

  • I have my public main account registered to various sites on my work computer.
  • At home, I also use the same account on a couple of those sites. As well as a private account registered various other sites for private "hobby stuff".
  • When checking one of the sites on the main account from home, I might get a cross-site notification about a post from another site, where I'm not logged in at from the home computer.
  • Then when I attempt to login at that site, the dumb thing instead finds my private account in some cookie jar and tries to log in with that one. Effectively blocking me from logging in with my main account to that site on that computer.
  • If I log out the private account, I can no longer log in to the sites it was previously logged in at, because then it finds the main account instead. Catch 22 deadlock.

Please, no automatic cross-site logins based on cookies. Or at least give people the option to log in and log out at each site manually.

History
Why does this post require attention from curators or moderators?
You might want to add some details to your flag.

1 comment thread

General comments (6 comments)
General comments
ArtOfCode‭ wrote over 4 years ago

You'd always be able to log out and log back in as a different account, even if the cookie is cross-network. I thought you could on SE as well, but it's been a while since I tried.

Canina‭ wrote over 4 years ago · edited over 4 years ago

The signing in part could probably be solved with a simple-enough checkbox "Sign me in across the Codidact network", akin to the "Remember me" checkbox already there. I'm not sure what would be most reasonable for how that should interact with an existing session; something to tell the software that someone is signed in anywhere to disable that feature maybe? There are also add-ons to at least Firefox that let you separate sites into container tabs (the latter of which is a native feature).

Canina‭ wrote over 4 years ago · edited over 4 years ago

I haven't tried it, but I suspect that would let you segregate different sites even if signing in would be network-wide without any override. Also note that SE lumps together everything *.stackexchange.com (including *.meta.stackexchange.com); only the few sites that are on different second-level domains (SuperUser, Server Fault, Stack Overflow, and a few more) are treated differently. Or at least that's how it worked before, and I doubt they've changed it recently.

Lundin‭ wrote over 4 years ago

@ArtOfCode No, on SE the log out option logs you out from all sites. There was some hard-to-find loop-hole, but it took me a long time to find and I don't remember how. Basically if I clear the cookie cache on my computer, one of my accounts is blocked until I find out how I managed to set it up last time. It's user-unfriendly like anything. Long as we consider the multiple users on the same computer aspect, I don't mind a "log me in/out of all sites" option.

ArtOfCode‭ wrote over 4 years ago

Hm. It'd have to function like that here too, @Lundin - there's no way without resorting to nasty hacks to set a cookie based on user preferences. When you log out or log in on one site, it'd propagate that across the network. That doesn't prevent you from using that account again, though - you could log out, log in another account, then log that out and back to the first account.

xtal‭ wrote over 4 years ago

@Lundin Can you use a browser solution? I find that Firefox Containers handles multi-account logins for me quite elegantly: it allows different tabs to have entirely separate cookie sets. I believe there's some equivalent tool for Chrome.