You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I took a quick stab at implementing a "logout" handler to this app as the Try it again? link not actually being a logout but just a redirect to / with the session still valid irked me. This is the patch I did:
$ git diff
diff --git a/server/server.go b/server/server.go
index 826a73b..7a2afc0 100644
--- a/server/server.go
+++ b/server/server.go
@@ -93,6 +93,7 @@ func (ws *Server) registerRoutes() {
// Authenticated handlers for viewing credentials after logging in
router.HandleFunc("/dashboard", ws.LoginRequired(ws.Index))
+ router.HandleFunc("/logout", ws.LoginRequired(ws.Logout))
// Static file serving
router.PathPrefix("/").Handler(http.FileServer(http.Dir("./static/")))
diff --git a/server/user.go b/server/user.go
index d4dfa97..f468df1 100644
--- a/server/user.go
+++ b/server/user.go
@@ -55,3 +55,14 @@ func (ws *Server) UserExists(w http.ResponseWriter, r *http.Request) {
}
jsonResponse(w, existsResponse{Exists: true}, http.StatusOK)
}
+
+// Logout logs out the current logged in user and redirects them to
+// the homepage
+func (ws *Server) Logout(w http.ResponseWriter, r *http.Request) {
+ log.Infof("Logging out")
+ // Calling store.MaxAge(-1) will expire *all* sessions for all
+ // users and this only expires the existing session
+ // https://godoc.org/github.com/gorilla/sessions#CookieStore.MaxAge
+ ws.store.Options.MaxAge = -1
+ http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
+}
I logged in with user a@a in a chrome window and then b@b in an incognito window. I logged out of user a@a and this worked, but when attempting to re-login with a@a I'm only getting http 400 from /assertion with "error unmarshaling data". What super obvious thing am I missing?
The text was updated successfully, but these errors were encountered:
I took a quick stab at implementing a "logout" handler to this app as the
Try it again?
link not actually being a logout but just a redirect to/
with the session still valid irked me. This is the patch I did:I logged in with user
a@a
in a chrome window and thenb@b
in an incognito window. I logged out of usera@a
and this worked, but when attempting to re-login witha@a
I'm only getting http 400 from/assertion
with"error unmarshaling data"
. What super obvious thing am I missing?The text was updated successfully, but these errors were encountered: