Add logout endpoint (#107)

Add logout endpoint that clears the auth cookie + optional "logout-redirect" config option, to which, when set, the user will be redirected.
2020-06-03 14:00:47 +01:00
parent 655eddeaf9
commit 8b3a950162
7 changed files with 96 additions and 1 deletions
--- a/internal/auth.go
+++ b/internal/auth.go
@ -144,6 +144,19 @@ func MakeCookie(r *http.Request, email string) *http.Cookie {
 	}
 }

+// ClearCookie clears the auth cookie
+func ClearCookie(r *http.Request) *http.Cookie {
+	return &http.Cookie{
+		Name:     config.CookieName,
+		Value:    "",
+		Path:     "/",
+		Domain:   cookieDomain(r),
+		HttpOnly: true,
+		Secure:   !config.InsecureCookie,
+		Expires:  time.Now().Local().Add(time.Hour * -1),
+	}
+}
+
 // MakeCSRFCookie makes a csrf cookie (used during login only)
 func MakeCSRFCookie(r *http.Request, nonce string) *http.Cookie {
 	return &http.Cookie{