1

I'm using PassportJS and this code for logout:

  .get("/logout", async (req, res) => {
    await req.logout();
    req.session = null;
    await res.clearCookie(process.env.PROJECT_TITLE.toLowerCase());
    await res.clearCookie(`${process.env.PROJECT_TITLE.toLowerCase()}.sig`);
    return res.redirect("/");
  });

It just changes the cookies but don't delete them. Why?

It does delete them if I use just this code:

  .get("/logout", async (req, res) => {
    await res.clearCookie(process.env.PROJECT_TITLE.toLowerCase());
    await res.clearCookie(`${process.env.PROJECT_TITLE.toLowerCase()}.sig`);
    return res.redirect("/");
  });

Where am I wrong?

Fred Hors
  • 3,258
  • 3
  • 25
  • 71

2 Answers2

3

Put req.session = null in your logout route to clear the session cookie, as is done in this tutorial. If that still doesn't work, try clearing your existing cookies for your project's URL in your browser and try again. I just had this issue and that's what fixed it!

dominic
  • 127
  • 1
  • 11
0

if anyone is still having problems with this, note that you should only put "req.session = null" and not req.logout() as it seems that this will lead to an incomplete http request. Obviously after thie, you can res.redirect('/some path')

User10
  • 11
  • 1
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Jul 28 '23 at 14:03