Update:
This behaves according to my actual FB login. When I log out of my facebook and then click the "Login" button on my website, it redirects me to the facebook login page and asks me to log in. After that, I will return to the profile.html web page on my website correctly. However, when I click "log out" from my website, it goes to the main page of my website. This time, when I click the "Login" button again, it directly goes to the "profile.html" of my site. It seems the last "logout" didn't work at all. "Logout" can only work when logging out of your facebook account. So the session used on my website depends on the facebook session. Very strange!
I use PassportJS to complete my authentication job. But I found that req.logout () or req.session.destroy () does not work at all.
// route for showing the profile page app.get('/login', isLoggedIn, function(req, res) { res.render('profile', { user : req.user // get the user out of session and pass to template }); }); // route middleware to make sure a user is logged in function isLoggedIn(req, res, next) { // if user is authenticated in the session, carry on if (req.isAuthenticated()){ console.log("req is authenticated!"); return next(); } // if they aren't redirect them to the home page res.redirect('/'); } // route for logging out app.get('/logout', function(req, res) { console.log("logging out!"); req.logout(); req.session.destroy(); res.redirect('/'); });
When I closed the logout, I see the message "logging out". And then I was redirected to the home page. When I clicked the login again, I donโt see the login window and went directly to the Profile page. During the process, I saw that "req is authenticated!" message.
My questions:
1: where is the "req.isAuthenticated ()" from? Why is this always true?
2: why does "req.logout ()" or "req.session.destroy ()" not work?
thanks
Derek
derek source share