Forcing Logout user from my password protected pages on every reload

Hello Everyone ,

I am having some query related to password protected pages for eg:

In my WebFlow, I have created passwords protected pages but when i change the password i want my users automatically logout from the pages and they need to login again. Currently if i change the password users are not logged out. So please let me know is there any solution for this so users were logout automatically?

Unfortunately, there’s no built-in solution for this.

For the basic page and folder password feature, Webflow appears to track login state using a simple session cookie on the user’s machine. Generally that cookie will expire when the user closes their browser window ( this varies by browser ).

Changing the password and republishing the site does not invalidate that cookie, or terminate any authentication tokens, or anything like that. From Webflow’s perspective, the user has access to that resource until either they close their web browser, or you remove that page/folder.

It’s designed as a simple solution, to provide a basic functionality.
You might be able to force logout with some script, by directly deleting the appropriate wf_auth_page cookie- but you’d have to determine when that’s appropriate.

Another option that might work for you is to keep your protected files in a folder, and password-protect the folder. Then when you change the password, also change the folder location, e.g. /files23/ becomes /files24/. This works because when you protect a folder, the auth cookie is attached to the folder path, so changing the folder path effectively invalidates it.

Some notes if you do this-

  • Republishing will automatically update menu links etc.
  • Clients will have to refresh their browser page and go home, to click the link again and access those files.
  • To be elegant, your 404 page can just redirect to home, so no one gets stranded.

A much better solution is Webflow Memberships, or MemberStack, which gives you per-user logins and a lot more control.

@memetican is correct, what you’re talking about is possible through Memberstack - If you do want to do this with only the Webflow page passwords, it will only reset when cookies are cleared