Logout using POST
Fixes
Fixes by @Karna98
Description
Currently, the user can logout using URL /logout which can possibly lead to misuse and user may not be able to access the account if some malicious script is executed in the background which redirects users to /logout.
Type of PR
This PR is an improvement.
Technicalities
Now Logout can be performed using POST Request only.
GET Request will be redirected to the page asking the user if they really want to log out or not.
Tests
- http://localhost:2354/logout Check if user get directly log out or not. (GET Request Type)
- On clicking Logout user should be logged out . (POST Request Type)
Checklist:
-
My pull request has a descriptive title (not a vague title like "Update index.md
"). -
My pull request targets the phoenix/develop
branch of the repository. -
My commit messages follow best practices. -
My code follows the established code style of the repository. -
I tried running the project locally and verified that there are no visible errors.