When using IBM Bluemix App ID, does anyone know how to log out a user? The Node.js server SDK on GitHub sample application and README includes this reference:
const LOGOUT_URL = "/ibm/bluemix/appid/logout";
I have tried various permutations but I haven't been able to find out what URL to use to log out the user (both hostname and extension).
Can anyone help, please?
Many thanks.
According to a posting at https://www.ibm.com/developerworks/library/iot-trs-secure-iot-solutions3/index.html , 'There is no explicit "logout" method at time of writing of this article'.
Having done some digging, killing the session will provide logout functionality. This can be achieved in Node.js with the following:
app.get("/logout", function(req, res){
// Destroy the session
req.session.destroy();
//return the main html file
res.sendfile(__dirname + '/views/index.html');
});
To log out the user, you can use the WebAppStrategy on your logout endpoint like the following:
app.get("/logout", function(req, res, next) {
WebAppStrategy.logout(req);
// If you chose to store your refresh-token, don't forgot to clear it also in logout:
res.clearCookie("refreshToken");
res.redirect("/");
});
Look at the Node SDK readme on WebAppStrategy https://github.com/ibm-cloud-security/appid-serversdk-nodejs.
