Logging Out An Authenticated User

In this lesson, we'll learn how to logout an authenticated user using a POST request with CSRF protection.

Published
Apr 24
Duration
2m 24s

Developer, dog lover, and burrito eater. Currently teaching AdonisJS, a fully featured NodeJS framework, and running Adocasts where I post new lessons weekly. Professionally, I work with JavaScript, .Net C#, and SQL Server.

Adocasts

Burlington, KY

Join The Discussion! (2 Comments)

Please sign in or sign up for free to join in on the dicussion.

  1. Commented 7 days ago

    I use access tokens, and when I do either await auth.use('api').logout() I get an error auth.use(...).logout is not a function.
    I can neither get the token explicitly using auth.use('api').token (I get undefined).

    The only way I can get it is from the request header, but I find it hard to believe that there is no way to extract it from the auth. Anyway, since the hashed token is stored, I don't even know whether the approach of searching for it in the DB will work.

    1

    Please sign in or sign up for free to reply

    1. Commented 7 days ago

      Hi Guy! The auth process shown in this series is for session authentication. The access token auth does not contain a logout method, but rather works via the accessTokens property added onto the User model.

      There are a few key differences between session and access token auth, you can check out our Access Token Authentication in 20 Minutes lesson to see a walk-through of auth for access tokens.

      1

      Please sign in or sign up for free to reply