route protected by middleware auth always available after logout, using angular v17 form and adonisjsV5

Question

route protected by middleware auth always available after logout, using angular v17 form and adonisjsV5

dev-passion76 opened this issue a year ago · 1 comments

Hello
I am using Angular with forms for logging in, and AdonisJS V5 with routes for login/logout and users (a route to display a list of users).

The login works fine, and there are no errors with logout. However, After logout, I can still use the route for users, which is protected by the auth middleware. If I try to manually delete the cookie on the client side, my users route returns an unauthorized status, so that part is working correctly.

to reproduce issue (or not ;) ) a repo is available.

https://github.com/dev-passion76/angular_adonisjs

apiAuth Directory => adonijs
forms =>Angular

Thanks for your help

Originally posted by @dev-passion76 in adonisjs/core#4297

Answer 1 · 2024-01-11T17:46:14.000Z

Hi
Issue Solved

the issue was on frontend Side
the parameters body was forgot

wrong syntax

logout():Observable<any> { const url = 'http://localhost:3333/logout'; return this.http.post(url,, this.httpOptions); }

good Syntax
logout():Observable<any> { const url = 'http://localhost:3333/logout'; return this.http.post(url,**""**, this.httpOptions); }

but beware
with good syntax or bad syntax the logout method (backend) send "Logout successful"
and console.log(auth.isAuthenticated); is always false so , not possibility to check
` public async logout({ auth, response }: HttpContextContract) {

await auth.use("web").logout();
console.log(auth.isAuthenticated);

return response
.send({ message: "Logout successful" });
// .clearCookie('adonis-session')

}`

see you