Instantly share code, notes, and snippets.

@rollcat /index.html
Last active May 18, 2017

Embed
What would you like to do?
Basic auth logout hack
On your backend, create an endpoint (like /api/logout),
that will always respond "401 Unauthorized" (without the WWW-Authenticate header).
On your frontend, include a JS snippet, to create a logout button.
<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">
window.onload = function() {
var logout = document.getElementById("logout");
logout.onclick = function() {
xhr = new XMLHttpRequest();
xhr.addEventListener("load", location.reload);
xhr.open("GET", location.origin + "/api/logout");
xhr.send();
};
logout.innerText = "logout";
};
</script>
{% endblock %}
</head>
<body>
<a id="logout"></a>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment