@okta-dfuhriman/okta-auth-js
Version:
The Okta Auth SDK
39 lines (32 loc) • 1.37 kB
JavaScript
/*!
* Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
* The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
*
* You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*
* See the License for the specific language governing permissions and limitations under the License.
*/
const express = require('express');
const { getAuthClient } = require('../utils');
const router = express.Router();
router.post('/logout', async (req, res) => {
try {
const authClient = getAuthClient(req);
// Get okta signout redirect url
// Call this method before revoke tokens as revocation clears tokens in storage
const signoutRedirectUrl = authClient.getSignOutRedirectUrl();
// Revoke tokens
await authClient.revokeRefreshToken();
await authClient.revokeAccessToken();
// Clear local session
req.session.destroy();
// Clear okta session with logout redirect
res.redirect(signoutRedirectUrl);
} catch (err) {
console.log('/logout error: ', err);
}
});
module.exports = router;