Skip to content

Logout using POST

Vedant Wakalkar requested to merge phoenix/feature/optimize-setup into phoenix/develop

Fixes

Fixes by @Karna98

Description

Currently, the user can logout using URL /logout which can possibly lead to misuse and user may not be able to access the account if some malicious script is executed in the background which redirects users to /logout.

Type of PR

This PR is an improvement.

Technicalities

Now Logout can be performed using POST Request only.

GET Request will be redirected to the page asking the user if they really want to log out or not.

Tests

  1. http://localhost:2354/logout Check if user get directly log out or not. (GET Request Type)
  2. On clicking Logout user should be logged out . (POST Request Type)

Checklist:

  • My pull request has a descriptive title (not a vague title like "Update index.md").
  • My pull request targets the phoenix/develop branch of the repository.
  • My commit messages follow best practices.
  • My code follows the established code style of the repository.
  • I tried running the project locally and verified that there are no visible errors.

Merge request reports