**I am working through 100 days of code, but this question doesn’t relate directly to it (though it is one of the projects on there). Let me know if I should post it there instead.
We just made a small “blog” and used sessions to log in, and used
session.clear() to log out. In the next day we change it so we use ReplAuth to log in. Logging in works fine, but I can’t figure out how to log out again.
I have tried all sorts of things like
set_cookie("REPL_AUTH", max_age = 0), but they aren’t affecting the cookie at all.
repl_auth_cookie = request.cookies.get('REPL_AUTH')
I think it has been asked before but I haven’t found any solutions - anyone got any suggestions?:**
Repl link: https://replit.com/@BrynParry/Day87100Days#main.py
# random print to see the function is being called
res = make_response("logged out")
res.set_cookie('REPL_AUTH', value= "blah", max_age= 0, expires=0)
Does it tell you to have a log out page in the challenge? You might not need to (I don’t know why it’s not working)
It doesn’t, and I don’t need to, I just wanted to try to add it in anyway. I guess I should just move on.
Well instead of making a log out page I usually just redirect to the login page, because you’d usually want to log out just to switch accounts.
Well part of that very bottom code snippet looks like flask and the other Express.js, so it wouldn’t work but you could look at flask docs for deleting cookies
I think you have a good idea of how you would do it. You clear REPL_AUTH
I think it’s all flask, I used the methods from here:
set_cookie isn’t changing the cookie at all, and
delete_cookie doesn’t seem to do anything.
Example could look like:
res.delete_cookie("REPL_AUTH", None, None, True, True)
Ah, that didn’t fix it, but might be heading towards a solution. To set the cookie I used this:
<button onclick="LoginWithReplit()"> Login </button>
Well I think ReplAuth uses HTTP only cookies (which is why you can’t log out by simply calling
So I thought adding the httponly would fix it, but guess not…
well, it seems that the repl proxy/firewall/router/NAT is filtering out the REPL_AUTH cookie, because the cookie field is empty for me despite being logged in.