github.com/volatiletech/authboss@v2.4.1+incompatible/logout/logout.go (about) 1 // Package logout allows users to log out (from auth or oauth2 logins) 2 package logout 3 4 import ( 5 "net/http" 6 7 "github.com/pkg/errors" 8 "github.com/volatiletech/authboss" 9 ) 10 11 func init() { 12 authboss.RegisterModule("logout", &Logout{}) 13 } 14 15 // Logout module 16 type Logout struct { 17 *authboss.Authboss 18 } 19 20 // Init the module 21 func (l *Logout) Init(ab *authboss.Authboss) error { 22 l.Authboss = ab 23 24 var logoutRouteMethod func(string, http.Handler) 25 switch l.Authboss.Config.Modules.LogoutMethod { 26 case "GET": 27 logoutRouteMethod = l.Authboss.Config.Core.Router.Get 28 case "POST": 29 logoutRouteMethod = l.Authboss.Config.Core.Router.Post 30 case "DELETE": 31 logoutRouteMethod = l.Authboss.Config.Core.Router.Delete 32 default: 33 return errors.Errorf("logout wants to register a logout route but was given an invalid method: %s", l.Authboss.Config.Modules.LogoutMethod) 34 } 35 36 logoutRouteMethod("/logout", l.Authboss.Core.ErrorHandler.Wrap(l.Logout)) 37 38 return nil 39 } 40 41 // Logout the user 42 func (l *Logout) Logout(w http.ResponseWriter, r *http.Request) error { 43 logger := l.RequestLogger(r) 44 45 user, err := l.CurrentUser(r) 46 if err == nil && user != nil { 47 logger.Infof("user %s logged out", user.GetPID()) 48 } else { 49 logger.Info("user (unknown) logged out") 50 } 51 52 var handled bool 53 handled, err = l.Events.FireBefore(authboss.EventLogout, w, r) 54 if err != nil { 55 return err 56 } else if handled { 57 return nil 58 } 59 60 authboss.DelAllSession(w, l.Config.Storage.SessionStateWhitelistKeys) 61 authboss.DelKnownSession(w) 62 authboss.DelKnownCookie(w) 63 64 handled, err = l.Authboss.Events.FireAfter(authboss.EventLogout, w, r) 65 if err != nil { 66 return err 67 } else if handled { 68 return nil 69 } 70 71 ro := authboss.RedirectOptions{ 72 Code: http.StatusTemporaryRedirect, 73 RedirectPath: l.Authboss.Paths.LogoutOK, 74 Success: "You have been logged out", 75 } 76 return l.Authboss.Core.Redirector.Redirect(w, r, ro) 77 }