Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

how can I logout using local authentication? #465

Closed
pedrommuller opened this Issue Mar 28, 2017 · 4 comments

Comments

Projects
None yet
3 participants
@pedrommuller
Copy link

pedrommuller commented Mar 28, 2017

This is a question rather than an issue:

I'd like to know if there is a specific endpoint to do a log out from the API like "/logout" if not how can I implement the logout method in the server?

M mental map is like having a simple link (href="/logout") on the client side like I mentioned earlier do the procedure and then redirect to the homepage "/"

I've been looking for that in the documentation and I didn't find anything.

Thanks!

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Mar 29, 2017

Hi @pedrommuller, If you start an app with the feathers-cli pre-release generator (npm install -g feathers-cli@pre, then in a terminal feathers generate app), you'll be able to use the feathers-authentication-client. The two new plugins together include a logout implementation. The new client plugin actually sets up app.logout() to interact with the server to accomplish this.

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Mar 29, 2017

I'll add that it doesn't do anything other than discard your accessToken on the client, and trigger a log out event on the server. If you wanted to ensure the JWT access token can't be used before it expires you would need to manually blacklist it yourself.

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Mar 29, 2017

Going to close this as I think @marshallswain answered, but @pedrommuller feel free to comment if that's not the case and we can re-open. 😄

@ekryski ekryski closed this Mar 29, 2017

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Mar 29, 2017

@ekryski kind of touched on this, but it's also important to note that the /authentication service has a remove method. It's what handles the logout on the server side. You can customize the behavior by adding before and after hooks on it:

// on the server
app.service('authentication').hooks({
  before: {
    remove: [
      function (hook) {
        // Customize the logout flow in hooks
      }
    ]
  },
  after: {
    remove: [
      function (hook) {
        // Customize the logout flow in hooks
      }
    ]
  },
  error: {
    remove: [
      function (hook) {
        // Customize the logout flow in hooks
      }
    ]
  }
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.