Having trouble with logout on the sample NodeJS app

keepitsane · November 21, 2018, 2:10am

I have been going back and forth between the documentation and a few other forum post, but I for the life of me cannot figure out how to get the logout feature to work and clear the session.

Here is what I have tried

router.get(‘/logout’, (req, res) => {
req.logout({
returnTo: “http%3A%2F%2Flocalhost:3000”,
client_id: “MYCLIENTIDHERE”
});
res.redirect(‘/’);
});

and

// Perform session logout and redirect to homepage
router.get(‘/v2/logout?returnTo=http%3A%2F%2Flocalhost:3000&client_id=MYCLIENTIDHERE’, (req, res) => {
req.logout();
res.redirect(‘/’);
});

Is there something simple that I am missing? Please let me know if any additional information is needed. Thanks in advance!

charsleysa · November 21, 2018, 5:40am

Hi @keepitsane

The first one you tried should be correct.

What’s the particular issue you are having? Are you receiving an error message?
The Auth0 logs can help identify the issue so it helps to check those as well.

keepitsane · November 21, 2018, 12:45pm

When I try the first one I get no response at all, and nothing in the logs even shows up for the event.

I have also tried including these as the allowed logout urls http://localhost:3000/logout, http://localhost:3000

It still just does nothing just redirects to homepage after I click the logout button. Then when I click the sign in it does not even prompt to login back in, just pushes the previously signed in user through to the application.

konrad.sopala · November 22, 2018, 3:53pm

Can you provide me with a HAR file so I can investigate why the browser says “ok” while you’re still logged in?
How to troubleshoot with HAR files and steps to generate a HAR file:

Thanks for help and sorry for inconveniences!

keepitsane · November 22, 2018, 4:07pm

@konrad.sopala

Here is the HAR file that you requested. Also sorry about the duplicate posts.
localhost.har (679.4 KB)

Please let me know if any additional information is needed! Thanks once again for the help

calvincs · January 26, 2019, 5:26am

Was there ever a solution found to this issue?
If so, could the fix be posted and described here?

keepitsane · January 26, 2019, 8:37am

No it wasn’t the issue still persists. No one ever got back to me.

calvincs · January 27, 2019, 2:21am

I am experiencing the same issue with your nodejs example, provided in the documentation.
Is there something missing from that source code I am missing to clear the session?

After logging out, I’ve cleared the session in the browser and as the previous user described it, I can just click login and it doesn’t prompt but logs right in.

calvincs · January 27, 2019, 3:52am

I have found a solution which is in the documentation, tho it took a bit of reading to find it.

In short, you can destroy your session for the user in Node, however the session still exists on the Auth0 platform. So its important to call the https://.auth0.com/v2/logout path to tell Auth0 to drop the session.

More information on the endpoint: Authentication API Explorer

I hope that helps you as it has helped me

keepitsane · January 27, 2019, 2:45pm

You got this to work? Because in my first post I do this and it doesn’t work. You think you could post the code snippet of your logout route so I could compare.

calvincs · January 27, 2019, 10:51pm

Your code looks like your calling your node instance, not the Auth0 /v2/logout endpoint
Here is some code, hope it helps!

/* LOGOUT ROUTER */
router.get('/logout', (req, res) => {
  req.logout();
  if (req.session) {
    req.session.destroy(function (err) {
      if (err) {
        console.log(err)
      }
      console.log("Destroyed the user session on Auth0 endpoint");
      res.redirect('https://<myapp>.auth0.com/v2/logout?client_id=<clientId>&returnTo=http://localhost:3000/');
    });
  }
});

Also, make sure your returnTo address is in your applications configuration under “Allowed Logout URLs” This tells the endpoint its allowed to redirect your users to the given address.

Best of Luck!

konrad.sopala · January 28, 2019, 11:22am

The solution provided by @calvincs seems totally fine. @keepitsane please let us know if it works for you too otherwise we’ll dig into your HAR file!

krystus666 · January 29, 2019, 3:08pm

@konrad.sopala I face the problem that when I call mytenant.eu.auth0.com/v2/logout I get CORS error.
I’ve set allowed callback urls to http://localhost:4200/callback, http://localhost:4200/. When I call the logout url directly from browser it logs me out, but calling the endpoint from the app throws the error

‘http://localhost:4200’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

This Seamless SSO thing is really a nasty thing and also there is no mention of this in any of the guides… Thanks

system · February 13, 2019, 3:08pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Redirect too many times Help auth0	9	9863	January 15, 2020
New to Auth0 - Allowed URL Logout not working in my next.js app Help configuration , application	2	1960	January 4, 2024
Allowed Logout URL's Help logout	11	9819	September 27, 2019
handleLogout Redirect Issue Help management-api , tenants	1	126	July 13, 2024
Have trouble logging out - Bug in Auth0? Help	7	4906	January 6, 2023

Having trouble with logout on the sample NodeJS app

Related Topics