Skip to content

Instantly share code, notes, and snippets.

@rollcat rollcat/index.html
Last active May 18, 2017

What would you like to do?
Basic auth logout hack
On your backend, create an endpoint (like /api/logout),
that will always respond "401 Unauthorized" (without the WWW-Authenticate header).
On your frontend, include a JS snippet, to create a logout button.
<!DOCTYPE html>
<script type="text/javascript">
window.onload = function() {
var logout = document.getElementById("logout");
logout.onclick = function() {
xhr = new XMLHttpRequest();
xhr.addEventListener("load", location.reload);"GET", location.origin + "/api/logout");
logout.innerText = "logout";
{% endblock %}
<a id="logout"></a>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.