carlinix opened a new issue, #57965: URL: https://github.com/apache/airflow/issues/57965
### Apache Airflow version 3.1.2 ### If "Other Airflow 2/3 version" selected, which one? _No response_ ### What happened? **Summary:** After upgrading **Apache Airflow** from **version 3.1.1 to 3.1.2**, the **logout function** stopped working when using **OAuth-based authentication**. **Description:** When users attempt to log out through the web UI, the session is not properly terminated. The page redirects as expected, but the user remains authenticated and can still access the interface without logging in again. The only way to complete the logout process is to **manually clear the session cookies** in the browser. ### What you think should happen instead? **Expected Behavior:** Clicking “Logout” should revoke the session and redirect the user to the login screen, without requiring manual cookie removal. **Actual Behavior:** The logout action does not invalidate the session cookie, causing the user to stay logged in. ### How to reproduce **Steps to Reproduce:** 1. Configure Airflow 3.1.2 with OAuth-based authentication (e.g., Google, GitHub, etc.). 2. Log in using OAuth. 3. Click on “Logout” in the web interface. 4. Observe that the user remains logged in. 5. Manually delete the session cookies and refresh the page — only then the user is logged out. ### Operating System Dokcer ### Versions of Apache Airflow Providers **Environment:** * **Airflow version:** 3.1.2 * **Previous version (working):** 3.1.1 * **Authentication backend:** OAuth using Google * **Deployment type:** Docker * **Browser:** Chrome 142.0.7444.60 **Additional Notes:** No relevant errors appear in the Airflow logs during the logout request. This issue seems to be related to how session cookies are managed in version 3.1.2. ### Deployment Docker-Compose ### Deployment details _No response_ ### Anything else? _No response_ ### Are you willing to submit PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
