Description
Context: Secure logout functionality is essential for protecting user accounts, especially on shared devices or in public spaces. It ensures that user sessions are properly terminated. In the context of knowledge-sharing platforms like Stack Overflow, proper logout functionality prevents session hijacking that could lead to impersonation, unauthorized posts, or access to private messages. For users who access the platform from public computers or shared workspaces, a clear and accessible logout option is critical for maintaining privacy and security.
Description: As a logged-in user, I want to log out of my account so that my session is terminated and my account is secure when I'm not using it.
Acceptance Criteria
Scenario 1: User successfully logs out
Given the user is logged in
When they click the logout button
Then their session is terminated and they are redirected to the login page
Scenario 2: User session expires automatically
Given the user is logged in but inactive for 2 hours
When they attempt to perform any action requiring authentication
Then they are redirected to the login page with a message about session expiration
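The two scenarios above, sketched as an added example that is not part of the original issue or the project's code: logout deletes the server-side session record rather than only clearing the cookie, and the 2-hour idle limit is enforced on every authenticated request. The `SessionStore` class, the `/login` route and the message wording are assumptions made for illustration.

```python
import secrets
import time

IDLE_TIMEOUT_SECONDS = 2 * 60 * 60   # Scenario 2: inactive for 2 hours
LOGIN_PAGE = "/login"                # assumed route name
EXPIRED_MSG = "Your session expired due to inactivity. Please log in again."  # assumed wording


class SessionStore:
    """Hypothetical in-memory server-side session table."""

    def __init__(self, clock=time.time):
        self._sessions = {}          # session id -> {"user", "last_seen"}
        self._clock = clock          # injectable so tests can move time forward

    def login(self, user):
        sid = secrets.token_urlsafe(32)      # unguessable session identifier
        self._sessions[sid] = {"user": user, "last_seen": self._clock()}
        return sid

    def logout(self, sid):
        # Scenario 1: remove the server-side record, so a copy of the cookie
        # left on a shared machine no longer authenticates anything.
        self._sessions.pop(sid, None)
        return {"redirect": LOGIN_PAGE, "message": None}

    def authenticate(self, sid):
        """Return (user, None) for a live session, else (None, redirect)."""
        session = self._sessions.get(sid)
        if session is None:
            return None, {"redirect": LOGIN_PAGE, "message": None}
        now = self._clock()
        if now - session["last_seen"] >= IDLE_TIMEOUT_SECONDS:
            # Scenario 2: idle too long; destroy the session before redirecting.
            del self._sessions[sid]
            return None, {"redirect": LOGIN_PAGE, "message": EXPIRED_MSG}
        session["last_seen"] = now           # activity resets the idle timer
        return session["user"], None


if __name__ == "__main__":
    fake_now = [0.0]                         # constructed clock for the demo
    store = SessionStore(clock=lambda: fake_now[0])
    sid = store.login("alice")
    fake_now[0] += IDLE_TIMEOUT_SECONDS
    print(store.authenticate(sid))           # expired-session redirect
```

Because the idle check runs on the server, a session ID replayed after logout or after the timeout is rejected regardless of what the browser still holds.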