Well, wouldn’t mind that Discourse would track that.
Totally for fixing this, its just a bit hairy.
Are you really impersonating users so much that this is a problem? Seems like a lot of work for little benefit.
No, its a very minor issue. Consider this documentation for the workaround until such a time its deemed worthy of attention.
Ran into this myself right now. Still corner-case, but it is rather annoying when it does happen, just for the record ^^
Even a “secret” URL shortcut to get you back would be a great first step. I could be made aware of such a trick via the admin guide.
Would the mechanics for switching out of anonymous mode be applicable to this feature?
I can implement it, but I don’t want to gold plate impersonation, logging when someone impersonates has to come first
Looking forward to having this option. I end up impersonating folks quite a lot as we develop features/test things out and it is a huge hassle to get out of it since I have to go through multiple screens to re-login (due to SSO).
Was this ever implemented?
Nope, did not happen, I feel odd adding more polish around impersonation
So what is the workaround?
I think he was referring to this:
@Sam Sorry for reviving this old post but since impersonations are now logged could this feature be built in the future or is it in your list of things to work on?
Still not tracked per auth token, we would need a new column for that.
Over the years I have had so little motivation to do anything here short of adding tracking, I feel like impersonation is simply something to be avoided, the friction here can be seen as a feature.
Though I understand your reticence to improve it, I hardly think trapping people in a mode you want them to avoid makes sense as a feature. It has legitimate uses, which is why it was added and why I use it.
I don’t really mind being forced to logout to quit impersonating though. The problem is that I can’t figure out how to logout without clearing their notification count (because I have to click on their profile menu to get to the logout menu item.) This is confusing and unhelpful for the user being helped via impersonation.
Is there a url I can visit to logout directly? Or is there some other way to avoid this problem?
Simplest workaround is:
- Open a new browser
- Head to
- Find culprit device in “Recently Used Devices”
- Click wrench
- Log it out
If you are in the habit of always impersonating from an incognito session this should be fairly easy.
Thanks for the solution as well as the tip about using incognito mode.
A loud banner at the top to indicate impersonation, with a button on it to release the account would be a great way to round out this functionality.
This is what django-hijack looks like:
I really like this idea @John_Lehmann
Sometimes when I impersonate someone (albeit, not very often) I forget and keep trying to do admin type things and then realize I’m in someone elses account.
Another downside of the current process is that you have to click on the users avatar. I was impersonating a users that had 5 new notifications. When I clicked his profile, so I could log out of his account, it marks those notifications as read and no longer shows the (5) badge showing he has new notifications. How sad for him, when he returns! Hopefully he got some email notifications that will pull him back in!
Another community that I built and currently manage, is on the Higher Logic platform. I can’t tell you how much more I enjoy using Discourse than Higher Logic. But, now that I have that out of the way, I will say that I do like their method of impersonating users…
There’s a bar at the top of the screen, providing a constant visual reminder that you’re impersonating and a button to STOP, as well as a little orphan button at the bottom of the screen allowing you to STOP.
I don’t think they need both buttons. Top of the screen is sufficient.
I love @John_Lehmann’s suggestion with a more bold/obtrusive bar that stands out so you remember to get out of the user account before posting and doing other stuffs.
Not critical by any means.
I just came to meta, to see if there was a plugin for this, or something.
Just ended up needing this today. I use the impersonate feature to post category guidelines, or other pinned topics or replies in them under the @system account. What I currently do is post them under mine, then change ownership to @system, but what if someone has the topic set to watching, then they would see that it was me. I’m not necessarily trying to be anonymous when posting these, although, I just don’t want those posts under my name. I could make an alt whose purpose is to post these, although I would have to log in from a private window each time, which is bad ux.