My server is running Apache and I used .htaccess for my basic auth. However, I want my users be able to cancel the auth (log out) with a button. Is it possible and how to do that?
Asked
Active
Viewed 9,239 times
2 Answers
3
Basic Auth is not designed to manage log-out. If you would like to do it then you need to do the following:
1) Add a logout button to your page.
2) When user click on the log-out button send a blank username/password to the same URL as in case of normal log-in.
3) In the response you send back a “You have successfully logged out” page.
The original credentionals will be will overwriten with the empty (wrong) one.
Hope that it helps you.
zappee
- 20,148
- 14
- 73
- 129
-
It's already been answered almost 10 years ago here: https://stackoverflow.com/questions/233507/how-to-log-out-user-from-web-site-using-basic-authentication – Capsule Jun 14 '17 at 06:51
2
First of all, HTTP does not provide logout: HTTP/1.1. spec
But! You can redirect user to: http://newuser@www.example.com/
Tomasz Adamczyk
- 251
- 1
- 7
-
It's already been answered almost 10 years ago here: https://stackoverflow.com/questions/233507/how-to-log-out-user-from-web-site-using-basic-authentication – Capsule Jun 14 '17 at 06:51
-
Brilliant! I just edited the href of my existing Sign Out button to point to such an URL. – F. Santiago Sep 20 '18 at 13:18
-
1