Similar question was already asked, and the issue was gapi.auth.signout() doesn't work in localhost: gapi.auth.signOut(); not working I'm lost
But it worked fine on a real website, until just suddenly, with no changes on my end. It will not sign the user out now, so if they logout of my site, their Google authentication is still live. Here's some example code, which I think should not say the user is still signed in:
gapi.auth.authorize({ 'client_id': CLIENT_ID, 'scope': SCOPES, 'immediate': false, cookie_policy: 'single_host_origin'}, function (authResult) {
gapi.auth.signOut();
setTimeout(function() {
gapi.auth.authorize({ 'client_id': CLIENT_ID, 'scope': SCOPES, 'immediate': true, cookie_policy: 'single_host_origin'}, function (authResult) {
if (authResult && !authResult.error)
alert("Still signed in");
})
}, 5000);
});
This seems totally wrong and unsafe. I tested my original code in the past and it worked properly, so I think there may be a recent regression in the Google API.
