I noticed that the old session cookie is not being invalidated properly if I don't click the logout button. For example, if I manually change the cookie value, I get disconnected, but the old session cookie remains usable.
So, I want to edit the code to destroy the session when I get disconnected. Could you guide me on how to do it?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I noticed that the old session cookie is not being invalidated properly if I don't click the logout button. For example, if I manually change the cookie value, I get disconnected, but the old session cookie remains usable.
So, I want to edit the code to destroy the session when I get disconnected. Could you guide me on how to do it?
You're only changing things on the browser side by doing so - not on the server side.
I think you may just want to check the settings of your web server about the session length.