fix: logout functionality

Added a logout hbs so the view is actually rendered - CSRF protection for /logout routes
ory · Dec 13, 2023 · b0a589a · b0a589a
1 parent 34710a5
commit b0a589a
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/src/index.ts b/src/index.ts
@@ -99,6 +99,11 @@ registerErrorRoute(router)
 router.use("/consent", doubleCsrfProtection)
 router.use("/consent", csrfErrorHandler(invalidCsrfTokenError))
 
+
+// all routes registered under the /logout path are protected by CSRF
+router.use("/logout", doubleCsrfProtection)
+router.use("/logout", csrfErrorHandler(invalidCsrfTokenError))
+
 registerConsentRoute(router)
 registerLogoutRoute(router)
 

diff --git a/views/logout.hbs b/views/logout.hbs
@@ -0,0 +1,3 @@
+<div id="logout">
+  {{{card}}}
+</div>