Skip to content

auth.logout

Samuel S. Donovan edited this page Feb 2, 2022 · 3 revisions

auth.logout utilizes auth.sessions to clear the client's cookie and user session token.

auth.logout(req, res) provides a function to log a user out and delete the session token.

auth.logout.endpoint provides a function with the signature function(req, res) that can be used to easily create a logout endpoint.

Method

auth.logout(req, res)

NOTE: As this method clears a cookie, it is imperative that it be called before any body is sent otherwise an error will be encountered statingError: Can't render headers after they are sent to the client..

Return Values

undefined Cookie not found
false Corresponding session token not found (session may have expired)
true Logout successful

NOTE: req.session/.user/.groups is updated upon successful logout.

Endpoint

auth.logout.endpoint provides an optional ready-to-use endpoint for logging users out.

Example



const express = require('express');
const app = express();

app.use(express.json()); //Needed

const cookieParser = require('cookie-parser');
app.use(cookieParser("secret"));

const auth = require('express-auth');
app.use(auth);

app.post("/logout", auth.logout.endpoint);

Response codes

200 Logout successful
406 Not logged in
409 Conflict with server state (session may have expired)

Clone this wiki locally