developerasun / myCodeBox-web

Open source code box for web developers.

Apache License 2.0

5 stars 0 forks source link

[RESEARCH] Express/passport : two logout methods #223

Closed developerasun closed 2 years ago

developerasun commented 2 years ago

topic : understanding differerence between logOut and logout method in passport

read this

two-logouts

reference

myself

developerasun commented 2 years ago

the two methods are the same one ( req.logOut is an alias for req.logout )

read this

Passport exposes a logout() function on req (also aliased as logOut()) that can be called from any route handler which needs to terminate a login session. Invoking logout() will remove the req.user property and clear the login session (if any).

app.post('/logout', function(req, res){
  req.logout();
  res.redirect('/');
});

It is a good idea to use POST or DELETE requests instead of GET requests for the logout endpoints, in order to prevent accidental or malicious logouts.

reference

https://www.passportjs.org/concepts/authentication/logout/