Thanks @markd for the response.
I’m authenticating with google IdP.
I seem to be having trouble clearing Auth0 session data cuz after logging out, I still can go straight to my app when calling the /authorize
again.
In my react, I log out like this:
logout = () => {
localStorage.removeItem("expires_at");
goFetch("/logout"); // will call my server to remove the access_token cookie
window.location.href = `https://mari.eu.auth0.com/v2/logout?client_id=${
process.env.AUTH0_CLIENT_ID
}&returnTo=http://localhost:8081/`;
};
Here I clear the cookie in my nodejs:
server.get("/logout", (req, res) => {
// removes cookie by setting expires date to the past
res.cookie("access_token", "", {
expires: new Date(0),
path: "/"
});
});
And I sign up/sign in with google in my landing page:
<a href="https://mari.eu.auth0.com/authorize?response_type=code&scope=openid profile offline_access&client_id=ID&connection=google-oauth2&redirect_uri=http://localhost:3000/callback&audience=http://localhost:3000">Signup />