The logout handler in the example has a path param provider, but its purpose isn't obvious.
|
p.Get("/logout/{provider}", func(res http.ResponseWriter, req *http.Request) { |
|
gothic.Logout(res, req) |
|
res.Header().Set("Location", "/") |
|
res.WriteHeader(http.StatusTemporaryRedirect) |
|
}) |
It only calls
gothic.Logout(res, req):
|
// Logout invalidates a user session. |
|
func Logout(res http.ResponseWriter, req *http.Request) error { |
|
session, err := Store.Get(req, SessionName) |
|
if err != nil { |
|
return err |
|
} |
|
session.Options.MaxAge = -1 |
|
session.Values = make(map[interface{}]interface{}) |
|
err = session.Save(req, res) |
|
if err != nil { |
|
return errors.New("Could not delete user session ") |
|
} |
|
return nil |
|
} |
As
Logout only clears the session, I assume it's used to invalidate the session if the user breaks the auth flow prematurely. At this point it isn't really a logout but rather a reset. I don't see a reason to scope
/logout to a provider, if anything, it makes logging out more difficult because we have to track the provider (e.g. session cookie).
The logout handler in the example has a path param
provider, but its purpose isn't obvious.goth/examples/main.go
Lines 244 to 248 in 4b34e17
It only calls
gothic.Logout(res, req):goth/gothic/gothic.go
Lines 239 to 252 in 4b34e17
As
Logoutonly clears the session, I assume it's used to invalidate the session if the user breaks the auth flow prematurely. At this point it isn't really a logout but rather a reset. I don't see a reason to scope/logoutto a provider, if anything, it makes logging out more difficult because we have to track the provider (e.g. session cookie).