UNPKG

@okta-dfuhriman/okta-auth-js

Version:
39 lines (32 loc) 1.37 kB
/*! * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved. * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.") * * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0. * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * * See the License for the specific language governing permissions and limitations under the License. */ const express = require('express'); const { getAuthClient } = require('../utils'); const router = express.Router(); router.post('/logout', async (req, res) => { try { const authClient = getAuthClient(req); // Get okta signout redirect url // Call this method before revoke tokens as revocation clears tokens in storage const signoutRedirectUrl = authClient.getSignOutRedirectUrl(); // Revoke tokens await authClient.revokeRefreshToken(); await authClient.revokeAccessToken(); // Clear local session req.session.destroy(); // Clear okta session with logout redirect res.redirect(signoutRedirectUrl); } catch (err) { console.log('/logout error: ', err); } }); module.exports = router;