Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

logout should not return 401 without redirect uri #391

Open
ivanjx opened this issue Sep 10, 2024 · 1 comment
Open

logout should not return 401 without redirect uri #391

ivanjx opened this issue Sep 10, 2024 · 1 comment

Comments

@ivanjx
Copy link

ivanjx commented Sep 10, 2024

i think this should not return 401 so it wont interfere with the custom errors middleware (see #390)
https://github.com/thomseddon/traefik-forward-auth/blob/master/internal/server.go#L213

@ljluestc
Copy link

// In server.go, around line 213
http.HandleFunc("/logout", func(w http.ResponseWriter, r *http.Request) {
    // Get the redirect_uri from query parameters
    redirectUri := r.URL.Query().Get("redirect_uri")
    
    // If redirect_uri is not provided, redirect to a default URL or handle it gracefully
    if redirectUri == "" {
        // Redirect to a default URL or return an informative response
        // This can be any URL or a page showing that logout was successful
        http.Redirect(w, r, "/default-logout-url", http.StatusFound)
        return
    }

    // Your existing logout logic, which can include clearing session cookies, etc.
    // Clear the session or cookies here, depending on your logic
    // Example:
    // http.SetCookie(w, &http.Cookie{
    //     Name:   "auth_token",
    //     Value:  "",
    //     MaxAge: -1,
    // })
    
    // After performing the logout logic, redirect to the provided redirect_uri
    http.Redirect(w, r, redirectUri, http.StatusFound)
})

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants