Logging Out An Authenticated User

In this lesson, we'll learn how to logout an authenticated user using a POST request with CSRF protection.

Published
Apr 24, 24
Duration
2m 24s

Developer, dog lover, and burrito eater. Currently teaching AdonisJS, a fully featured NodeJS framework, and running Adocasts where I post new lessons weekly. Professionally, I work with JavaScript, .Net C#, and SQL Server.

Adocasts

Burlington, KY

Get the Code

Download or explore the source code for this lesson on GitHub

Repository

Join The Discussion! (2 Comments)

Please sign in or sign up for free to join in on the dicussion.

  1. Commented 9 months ago

    I use access tokens, and when I do either await auth.use('api').logout() I get an error auth.use(...).logout is not a function.
    I can neither get the token explicitly using auth.use('api').token (I get undefined).

    The only way I can get it is from the request header, but I find it hard to believe that there is no way to extract it from the auth. Anyway, since the hashed token is stored, I don't even know whether the approach of searching for it in the DB will work.

    1

    Please sign in or sign up for free to reply

    1. Commented 9 months ago

      Hi Guy! The auth process shown in this series is for session authentication. The access token auth does not contain a logout method, but rather works via the accessTokens property added onto the User model.

      There are a few key differences between session and access token auth, you can check out our Access Token Authentication in 20 Minutes lesson to see a walk-through of auth for access tokens.

      1

      Please sign in or sign up for free to reply

Playing Next Lesson In
seconds