From 043aafd7b72c95ed505e3a830ec50f104a9e7c75 Mon Sep 17 00:00:00 2001
From: Julian Lam <julian.lam@gmail.com>
Date: Sun, 22 Sep 2013 20:40:10 -0400
Subject: [PATCH] closed #315

---
 public/src/forum/footer.js   | 12 ++++++++++--
 src/routes/authentication.js | 13 ++++---------
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/public/src/forum/footer.js b/public/src/forum/footer.js
index 254da9a2ce..876880f05f 100644
--- a/public/src/forum/footer.js
+++ b/public/src/forum/footer.js
@@ -26,7 +26,6 @@
 		fields: ['username', 'picture', 'userslug']
 	});
 	socket.on('api:updateHeader', function(data) {
-
 		jQuery('#search-button').on('click', function() {
 			jQuery('#search-fields').removeClass('hide').show();
 			jQuery(this).hide();
@@ -67,7 +66,16 @@
 								</li>');
 				rightMenu.append(userli);
 
-				var logoutli = $('<li><a href="' + RELATIVE_PATH + '/logout">Log out</a></li>');
+				var logoutli = $('<li><a href="#">Log out</a></li>');
+				logoutli.on('click', function() {
+					var	csrf_token = $('#csrf_token').val();
+
+					$.post(RELATIVE_PATH + '/logout', {
+						_csrf: csrf_token
+					}, function() {
+						window.location = RELATIVE_PATH + '/';
+					});
+				});
 				rightMenu.append(logoutli);
 			}
 		} else {
diff --git a/src/routes/authentication.js b/src/routes/authentication.js
index f2b5212cc4..faa995b62d 100644
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@@ -90,19 +90,14 @@
 	}
 
 	Auth.create_routes = function(app) {
-
-		app.get('/logout', function(req, res) {
+		app.post('/logout', function(req, res) {
 			if (req.user && req.user.uid > 0) {
 				winston.info('[Auth] Session ' + req.sessionID + ' logout (uid: ' + req.user.uid + ')');
 
 				req.logout();
-				app.build_header({
-					req: req,
-					res: res
-				}, function(err, header) {
-					res.send(header + templates['logout'] + templates['footer']);
-				});
-			} else res.redirect('/');
+			}
+
+			res.send(200)
 		});
 
 		if (login_strategies.indexOf('twitter') !== -1) {