#4910 pagure.io logoff incomplete
Opened 3 years ago by nicklevinson. Modified 3 years ago

On 6-26-20, I used the website at pagure.io under my login and then gave the menu command "Log Out". This got the message "You have been logged out". However, a menu still said my username, offered the "Log Out" command, gave me access to "My Public Profile", which I reviewed and it told me I have "0" issues so far, and "My Settings" showed me my username and full name. I quit Firefox, thereby clearing for privacy, and restarted it. I went to pagure.io and clicked the "Log In" button, which demanded a password, which is good security. Misinforming the user that they have been logged out when they have not been is a security risk.

Expectation:

The message that "You have been logged out" must not appear until the user has, in fact, been logged out.

As an alternative, the message perhaps can be rewritten as "You will be logged out when you quit your browser", but only if the browser at its least secure, such as if preserving the cache and all cookies as persistent, will treat the user as logged out when the browser is restarted, but that might be unreliable for security.


Which page were you viewing when it happened?

It's gotten more complicated. I was about to close when it happened again, but differently.

I logged in, did my work normally, logged off from a bug report page, and had no problem. So I tried the page I thought might have had the problem before by going to just pagure.io , logged in, and logged out with no problem. So I decided to close and logged in at this bug report page so I could close, but saw the message "[y]ou have been logged out" with a default avatar for me still visible. The avatar's menu shows my username and has other commands. So the problem remains but apparently something about my sequence of steps confuses your logoff procedure.

So here is what I think happened:

  • you logged in on https://id.fedoraproject,org to access pagure.io
  • you did what you wanted to do
  • you clicked "logout" on a page that was asking users to be logged in
  • pagure logs out, sees that this page requires users to be logged in, redirects you to id.fedoraproject.org where you've logged in recently enough that it remembers you, id.fedoraproject.org redirects you to pagure
  • you're back to pagure.io logged in
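The redirect loop the maintainer describes, as an added simulation that is not Pagure's code: the page paths, the IdP behaviour and the two logout variants are assumptions that model the explanation above, and nothing here talks to a real server. It contrasts a logout that bounces the user back to a login-required page (which re-triggers SSO) with one that lands on a public page.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# Assumed: which application pages require a login, and a public landing page.
LOGIN_REQUIRED = {"/dashboard/projects", "/pagure/issue/4910"}
PUBLIC_LANDING = "/"


@dataclass
class Browser:
    """State a browser carries: the app's session cookie and the IdP's cookie."""
    app_user: Optional[str] = None   # session set by the application
    idp_user: Optional[str] = None   # session set by the identity provider
    trail: List[str] = field(default_factory=list)  # requests/redirects followed


def visit(b: Browser, path: str) -> str:
    """Request a page. A login-required page with no app session bounces to the
    IdP; the IdP silently re-authenticates anyone it still remembers and sends
    the browser straight back, now logged in again."""
    b.trail.append(path)
    if path in LOGIN_REQUIRED and b.app_user is None:
        b.trail.append("idp:/login")
        if b.idp_user is not None:       # IdP session still valid...
            b.app_user = b.idp_user      # ...so the app session is recreated
            return visit(b, path)
        return "idp:/login"              # user would now see a password prompt
    return path


def logout_back_to_current_page(b: Browser, current: str) -> str:
    """Problematic variant: clear the app session, then return the user to the
    page they logged out from, even when that page needs a login."""
    b.app_user = None
    return visit(b, current)


def logout_to_public_page(b: Browser, current: str) -> str:
    """Mitigation: clear the app session and land on a page that needs no login,
    so no SSO round-trip is triggered and 'logged out' stays true."""
    b.app_user = None
    return visit(b, PUBLIC_LANDING)
```

Following the trail list shows why the user sees the logout message yet still has an avatar: the app session is cleared and immediately recreated by the IdP redirect.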

I tried following the procedure you think might be what I did.

  1. When I went to https://id.fedoraproject,org (by right-clicking the context menu for a new tab in Firefox), the browser (Firefox 78.0.1) immediately said "Hmm. We’re having trouble finding that site."/"We can’t connect to the server at id.fedoraproject,org." and clicking the browser's "Try Again" button made no difference.

  2. At https://ask.fedoraproject.org/ , I clicked the Log In button. The URL began as you had it, except that you had a typo (a comma before the gTLD). So your step was mainly right. I logged in and got the Ask home page under my login.

  3. I went to pagure.io but was apparently not logged in there, so I clicked the Log In button and immediately the page showed my login default avatar without a login step and it showed My Projects (none).

  4. On the Pagure page, in my avatar's menu, I chose Log Out.

  5. I got "You have been logged out" with my avatar still showing. The page showed my username on the left. The avatar's menu showed my username, what I could access, and a command for Log Out.

  6. Using the browser's Refresh button, I refreshed the page. This made no difference.

  7. I logged out of Ask.

  8. I logged out of pagure.io. I got the same as I did in my step 5 above.

  9. The Pagure page is https://pagure.io/dashboard/projects and I logged out again and got the same URL and the same result as in my step 5 above.

  10. I started a new tab and went to https://ask.fedoraproject.org/ and saw that I'm not logged in there. I shouldn't be, so that's good.

  11. I repeated my step 9 and got the same result.

  12. I pasted the URL https://pagure.io/pagure/issue/4910 into the same tab with the ambiguous logout page and it presented the page, without my avatar but with an arrowhead where the avatar should be and the arrowhead showed the menu with my username and commands and a text field is at the bottom. I'm not logged out yet.

Therefore, something is still broken. Pagure should not say "You have been logged out" until I am, in fact, logged out. As it is now, it's a security risk.

After I last posted to this page, I logged out, successfully. It said "You have been logged out" and it showed a Log In button and no user avatar. Since that was just in the last few minutes and a repair probably did not intervene, some predicate causes the problem but its absence means there's no problem at those times.
