I have been going back and forth between the documentation and a few other forum posts, but for the life of me I cannot figure out how to get the logout feature to work and clear the session.
What’s the particular issue you are having? Are you receiving an error message?
The Auth0 logs can help identify the issue so it helps to check those as well.
It still just does nothing; it just redirects to the homepage after I click the logout button. Then when I click sign in, it does not even prompt me to log back in, it just pushes the previously signed-in user through to the application.
Can you provide me with a HAR file so I can investigate why the browser says “ok” while you’re still logged in?
How to troubleshoot with HAR files and steps to generate a HAR file:
I am experiencing the same issue with your nodejs example, provided in the documentation.
Is there something missing from that source code I am missing to clear the session?
After logging out, I’ve cleared the session in the browser and as the previous user described it, I can just click login and it doesn’t prompt but logs right in.
I have found a solution which is in the documentation, though it took a bit of reading to find it.
In short, you can destroy your session for the user in Node, however the session still exists on the Auth0 platform. So it's important to call the https://.auth0.com/v2/logout path to tell Auth0 to drop the session.
You got this to work? Because in my first post I do this and it doesn’t work. You think you could post the code snippet of your logout route so I could compare?
Your code looks like you're calling your Node instance, not the Auth0 /v2/logout endpoint.
Here is some code, hope it helps!
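/* LOGOUT ROUTER */
router.get('/logout', (req, res) => {
  // Auth0 logout endpoint: this is what ends the session held by Auth0.
  const logoutUrl = 'https://<myapp>.auth0.com/v2/logout?client_id=<clientId>&returnTo=http://localhost:3000/';
  req.logout(); // Passport: clear the login from this request (Passport 0.6+ expects a callback)
  if (!req.session) {
    // No local session to destroy; still send the browser to Auth0 so the request does not hang.
    return res.redirect(logoutUrl);
  }
  // Destroy the local Express session, then redirect to the Auth0 logout endpoint.
  req.session.destroy(function (err) {
    if (err) {
      console.log(err);
    }
    console.log("Destroyed the local session; redirecting to the Auth0 logout endpoint");
    res.redirect(logoutUrl);
  });
});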
Also, make sure your returnTo address is in your application's configuration under “Allowed Logout URLs”. This tells the endpoint it's allowed to redirect your users to the given address.
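
The two-step logout discussed in this thread (drop the local session, then send the browser to Auth0's /v2/logout), as an added example that is not code from any poster or from the Auth0 documentation. The tenant domain, client id, local allowlist and the `connect.sid` cookie name (the express-session default) are assumptions; the example also percent-encodes `returnTo` and refuses values that are not on the local copy of “Allowed Logout URLs”.

```javascript
// Constructed placeholders, not values from the thread.
const AUTH0_DOMAIN = 'example-tenant.auth0.com'; // placeholder tenant domain
const CLIENT_ID = 'EXAMPLE_CLIENT_ID';           // placeholder client id
// Local mirror of the application's "Allowed Logout URLs" setting (assumption).
const ALLOWED_LOGOUT_URLS = ['http://localhost:3000/'];

// Build the Auth0 /v2/logout URL. Throws when returnTo is not an exact
// allowlist match, so the app never forwards an arbitrary redirect target.
function buildAuth0LogoutUrl(returnTo) {
  if (!ALLOWED_LOGOUT_URLS.includes(returnTo)) {
    throw new Error('returnTo is not an allowed logout URL: ' + returnTo);
  }
  const url = new URL('/v2/logout', 'https://' + AUTH0_DOMAIN);
  url.searchParams.set('client_id', CLIENT_ID);
  url.searchParams.set('returnTo', returnTo); // percent-encoded by URLSearchParams
  return url.toString();
}

// Express-style handler: end the local session first, then hand off to Auth0.
// Destroying only the local session is what leaves users silently signed in.
function logoutHandler(req, res) {
  const target = buildAuth0LogoutUrl('http://localhost:3000/');
  if (!req.session) {
    return res.redirect(target); // nothing local to clear, still end the Auth0 session
  }
  req.session.destroy((err) => {
    if (err) console.error('session destroy failed:', err);
    res.clearCookie('connect.sid'); // express-session default cookie name (assumption)
    res.redirect(target);           // Auth0 drops its own session on this request
  });
}
```

Mount it with `router.get('/logout', logoutHandler)` after replacing the placeholders with your tenant's values.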