closed #315

12 years ago · 043aafd7b7
parent de34c7580f
commit 043aafd7b7
2 changed files with 14 additions and 11 deletions
--- a/public/src/forum/footer.js
+++ b/public/src/forum/footer.js
@ -26,7 +26,6 @@
 		fields: ['username', 'picture', 'userslug']
 	});
 	socket.on('api:updateHeader', function(data) {
-
 		jQuery('#search-button').on('click', function() {
 			jQuery('#search-fields').removeClass('hide').show();
 			jQuery(this).hide();
@ -67,7 +66,16 @@
 								</li>');
 				rightMenu.append(userli);

-				var logoutli = $('<li><a href="' + RELATIVE_PATH + '/logout">Log out</a></li>');
+				var logoutli = $('<li><a href="#">Log out</a></li>');
+				logoutli.on('click', function() {
+					var	csrf_token = $('#csrf_token').val();
+
+					$.post(RELATIVE_PATH + '/logout', {
+						_csrf: csrf_token
+					}, function() {
+						window.location = RELATIVE_PATH + '/';
+					});
+				});
 				rightMenu.append(logoutli);
 			}
 		} else {
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@ -90,19 +90,14 @@
 	}

 	Auth.create_routes = function(app) {
-
-		app.get('/logout', function(req, res) {
+		app.post('/logout', function(req, res) {
 			if (req.user && req.user.uid > 0) {
 				winston.info('[Auth] Session ' + req.sessionID + ' logout (uid: ' + req.user.uid + ')');

 				req.logout();
-				app.build_header({
-					req: req,
-					res: res
-				}, function(err, header) {
-					res.send(header + templates['logout'] + templates['footer']);
-				});
-			} else res.redirect('/');
+			}
+
+			res.send(200)
 		});

 		if (login_strategies.indexOf('twitter') !== -1) {