closed #315

public/src/forum/footer.js

@@ -26,7 +26,6 @@
 		fields: ['username', 'picture', 'userslug']
 	});
 	socket.on('api:updateHeader', function(data) {
-
 		jQuery('#search-button').on('click', function() {
 			jQuery('#search-fields').removeClass('hide').show();
 			jQuery(this).hide();
@@ -67,7 +66,16 @@
 								</li>');
 				rightMenu.append(userli);
 
-				var logoutli = $('<li><a href="' + RELATIVE_PATH + '/logout">Log out</a></li>');
+				var logoutli = $('<li><a href="#">Log out</a></li>');
+				logoutli.on('click', function() {
+					var	csrf_token = $('#csrf_token').val();
+
+					$.post(RELATIVE_PATH + '/logout', {
+						_csrf: csrf_token
+					}, function() {
+						window.location = RELATIVE_PATH + '/';
+					});
+				});
 				rightMenu.append(logoutli);
 			}
 		} else {

src/routes/authentication.js

@@ -90,19 +90,14 @@
 	}
 
 	Auth.create_routes = function(app) {
-
+		app.post('/logout', function(req, res) {
-		app.get('/logout', function(req, res) {
 			if (req.user && req.user.uid > 0) {
 				winston.info('[Auth] Session ' + req.sessionID + ' logout (uid: ' + req.user.uid + ')');
 
 				req.logout();
-				app.build_header({
+			}
-					req: req,
+
-					res: res
+			res.send(200)
-				}, function(err, header) {
-					res.send(header + templates['logout'] + templates['footer']);
-				});
-			} else res.redirect('/');
 		});
 
 		if (login_strategies.indexOf('twitter') !== -1) {