I am using koa, koa-passport and koa-session to log users in which works fine but when I call ctx.logout() the user can refresh and still be logged in. It seems that ctx.session and/or the cookies are not being correctly cleared.
This still fails when using Postman to make requests.
import Koa = require('koa');
import session = require('koa-session');
import passport = require('koa-passport');
....
app.keys = ['******'];
app.use(session({}, app));
....
app.use(passport.initialize());
app.use(passport.session());
....
router.get('/logout', (ctx: Context) => {
if (ctx.isAuthenticated()) {
ctx.logout();
ctx.session = null; // Added this but still nothing
}
ctx.response.body = true;
});
I have found plenty of examples with Express including the following but not having any luck with Koa: https://github.com/expressjs/cookie-session/issues/104
I have take this answer from https://github.com/expressjs/cookie-session/issues/104 so you can find the full history of the dialog, but I just some save someone time and write the the answer below:
await ctx.logout();
ctx.session = null;
I guess he just didn't know, that ctx.logout is async function
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With