Add logout endpoint (#107)

Add logout endpoint that clears the auth cookie + optional "logout-redirect" config option, to which, when set, the user will be redirected.

internal/server.go

@@ -41,6 +41,9 @@ func (s *Server) buildRoutes() {
 	// Add callback handler
 	s.router.Handle(config.Path, s.AuthCallbackHandler())
 
+	// Add logout handler
+	s.router.Handle(config.Path+"/logout", s.LogoutHandler())
+
 	// Add a default handler
 	if config.DefaultAction == "allow" {
 		s.router.NewRoute().Handler(s.AllowHandler("default"))
@@ -180,6 +183,23 @@ func (s *Server) AuthCallbackHandler() http.HandlerFunc {
 	}
 }
 
+// LogoutHandler logs a user out
+func (s *Server) LogoutHandler() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		// Clear cookie
+		http.SetCookie(w, ClearCookie(r))
+
+		logger := s.logger(r, "Logout", "default", "Handling logout")
+		logger.Info("Logged out user")
+
+		if config.LogoutRedirect != "" {
+			http.Redirect(w, r, config.LogoutRedirect, http.StatusTemporaryRedirect)
+		} else {
+			http.Error(w, "You have been logged out", 401)
+		}
+	}
+}
+
 func (s *Server) authRedirect(logger *logrus.Entry, w http.ResponseWriter, r *http.Request, p provider.Provider) {
 	// Error indicates no cookie, generate nonce
 	err, nonce := Nonce()