protosio / protos

GNU Affero General Public License v3.0
9 stars 3 forks source link

Allow logout only on an authenticated session #4

Open nustiueudinastea opened 4 years ago

nustiueudinastea commented 4 years ago

Currently, the logout route doesn't check if the user is authenticated. This is not a big issue because the session cookie is only known by an authentication user, but it should be fixed.