Notifications
Sign Up Sign In
Q&A

Signing in should sign you in on all sites

+12
−1

It looks to me like the session cookie that holds one's user session credentials is currently bound to the specific site.

The result of this is that you need to sign in separately to, say, Scientific Speculation and Codidact Meta.

If that is correct, then if the cookie was set to apply to all subdomains of codidact.com instead of simply the one the user signs in to, switching between sites wouldn't require signing in separately on each.

Either way, I'd like to not need to sign in separately on each site under codidact.com.

Similarly, signing out should sign you out of all sites, not just the one where you click "sign out".

Why should this post be closed?

0 comments

2 answers

+4
−0

This is [status-completed]. Signing in on one site signs you in across the network; likewise, signing out signs you out everywhere.

This doesn't preclude the use of multiple accounts, you just can't do it simultaneously - sign one account out, sign in as another, and you can switch back and forth like that as much as you like.

0 comments

+1
−2

Spontaneously, I'd yell "I like this feature too!". Until I start to ponder a bit deeper.

Here's the catch: please keep in mind that people may wish to use different accounts for different sites.

For example: someone might want to use their professional public self on the main programming site, but use a private alias on the "for fun" code golf site. Similarly, it is also likely that there are several real persons using the same computer, not necessarily with their own private OS login which would have helped separating web browser cookies.

Setups like above are possible on Stack Exchange, but it was always a pain in the neck to get right, because of cookies keeping track of your log-in. This was a real problem for me there:

  • I have my public main account registered to various sites on my work computer.
  • At home, I also use the same account on a couple of those sites. As well as a private account registered various other sites for private "hobby stuff".
  • When checking one of the sites on the main account from home, I might get a cross-site notification about a post from another site, where I'm not logged in at from the home computer.
  • Then when I attempt to login at that site, the dumb thing instead finds my private account in some cookie jar and tries to log in with that one. Effectively blocking me from logging in with my main account to that site on that computer.
  • If I log out the private account, I can no longer log in to the sites it was previously logged in at, because then it finds the main account instead. Catch 22 deadlock.

Please, no automatic cross-site logins based on cookies. Or at least give people the option to log in and log out at each site manually.

6 comments

You'd always be able to log out and log back in as a different account, even if the cookie is cross-network. I thought you could on SE as well, but it's been a while since I tried. ArtOfCode 28 days ago

The signing in part could probably be solved with a simple-enough checkbox "Sign me in across the Codidact network", akin to the "Remember me" checkbox already there. I'm not sure what would be most reasonable for how that should interact with an existing session; something to tell the software that someone is signed in anywhere to disable that feature maybe? There are also add-ons to at least Firefox that let you separate sites into container tabs (the latter of which is a native feature). aCVn 28 days ago

I haven't tried it, but I suspect that would let you segregate different sites even if signing in would be network-wide without any override. Also note that SE lumps together everything *.stackexchange.com (including *.meta.stackexchange.com); only the few sites that are on different second-level domains (SuperUser, Server Fault, Stack Overflow, and a few more) are treated differently. Or at least that's how it worked before, and I doubt they've changed it recently. aCVn 28 days ago

@ArtOfCode No, on SE the log out option logs you out from all sites. There was some hard-to-find loop-hole, but it took me a long time to find and I don't remember how. Basically if I clear the cookie cache on my computer, one of my accounts is blocked until I find out how I managed to set it up last time. It's user-unfriendly like anything. Long as we consider the multiple users on the same computer aspect, I don't mind a "log me in/out of all sites" option. Lundin 27 days ago

Hm. It'd have to function like that here too, @Lundin - there's no way without resorting to nasty hacks to set a cookie based on user preferences. When you log out or log in on one site, it'd propagate that across the network. That doesn't prevent you from using that account again, though - you could log out, log in another account, then log that out and back to the first account. ArtOfCode 27 days ago

Show 1 more comments

Sign up to answer this question »