Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v4 beta 8 - Logging out does not delete session #1826

Open
6 tasks done
mluttmann opened this issue Nov 26, 2024 · 1 comment
Open
6 tasks done

v4 beta 8 - Logging out does not delete session #1826

mluttmann opened this issue Nov 26, 2024 · 1 comment

Comments

@mluttmann
Copy link

Checklist

Description

When redirecting the user to /auth/logout, the session is not deleted and the user is still logged in. The server logs The Auth0 client does not have RP-initiated logout enabled, the user will be redirected to the '/v2/logout' endpoint instead. Learn how to enable it here: https://auth0.com/docs/authenticate/login/logout/log-users-out-of-auth0#enable-endpoint-discovery. It appears that the RP logout option is part of the Enterprise tier, but is unlikely to be related to the problem described.

Reproduction

  1. Create Next.js app (answer everything with yes)
npx create-next-app@latest test-app
cd test-app

  1. Setup auth0 v4 beta 8 as describe in v4.0.0-beta.8/README.md

  2. Add button for logout in test-app/src/app/page.tsx

    <main>
      <h1>Welcome, {session.user.name}!</h1>
      <a href="/auth/logout">Log out</a>
    </main>
  1. Start application, log in and try to log out

Additional context

No response

nextjs-auth0 version

4.0.0-beta.8

Next.js version

15.0.3

Node.js version

22.11.0
@guabu
Copy link

guabu commented Nov 27, 2024

Hi @mluttmann 👋 Thanks for reporting this — it looks like the cookie is not being cleared for the /v2/logout redirect. We'll get a fix for this in the upcoming release!

For the time being, you can enable RP-initiated logout which is available to all customers (not only for paid plans). The link provided in the log provides the steps on how to enable it: https://auth0.com/docs/authenticate/login/logout/log-users-out-of-auth0#enable-endpoint-discovery

@guabu guabu mentioned this issue Nov 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mluttmann @guabu