/logout is a POST?

[aaronblondeau]

The docs say that users simply need to GET /logout to logout : https://docs.stormpath.com/php/laravel/latest/logout.html

After spending a bunch of time trying to figure out why I was getting MethodNotAllowedHttpException's I looked around in the code and found that the logout route is setup with

$this->app->router->post(

Seems like it should definitely support GET instead (or maybe both).

[aaronblondeau]

FYI for folks that find this, you can setup your own GET /logout route with the following if needed

Route::get('/logout', ['as' => 'stormpath.logout', 'uses' => '\Stormpath\Laravel\Http\Controllers\LoginController@getLogout']);

[bretterer]

Hi @aaronblondeau . This is a decision that was made as a company was to only support POST for logout. I will make a note to change documentation for this issue.

The reason for this was discussed in the issue https://github.com/stormpath/stormpath-laravel/issues/49 for details on it. Please have a read through here and let us know if you have any questions.

[edjiang]

@aaronblondeau, sorry about the documentation problem here =]

Please see this if you're thinking of making your logout route a GET request; there are definitely some good reasons to keep it as a POST request =] http://stackoverflow.com/questions/3521290/logout-get-or-post

[bretterer]

@aaronblondeau Documentation has been updated to reflect the changes in the logout method. Thank you again for bringing this to my attention. If you have anything else, please let us know.