[DEPRECATED] Logging Out an Authenticated User
Warning
This article series promotes UserProfiles and Forms, which are deprecated. We decided to reduce the learning curve by promoting explicit implementation via Liquid, Pages and GraphQL, instead of built-in features, which add magic into the mix increasing the learning curve and making debugging harder. Please refer to our Get Started to read up-to date articles, including User Authentication
This guide will help you create an authentication form to log out authenticated users.
Requirements
To follow the steps in this tutorial, you should be familiar with the required directory structure for your codebase, and understand the concept of pages and users.
Steps
Logging out an authenticated user is a two-step process:
Step 1: Create log out form
app/forms/log_out.liquid
---
name: log_out
resource: Session
---
{% form method: 'delete' %}
<button>Log Out</button>
{% endform %}
The difference from logging in, is that you want to destroy the session. You have to send a DELETE request by providing the method: delete attribute to the form tag.
Step 2: Embed the log out form
app/views/pages/log-out.liquid
---
slug: log-out
---
<h2>Log out</h2>
{% include_form 'log_out' %}
Note
To set an expiration for user sessions, use the "timeout_in_minutes": 0, attribute in the Instance configuration settings JSON as described in the Updating Instance Configuration tutorial. If you set the attribute to 15, for example, all users will get logged out automatically after 15 minutes of inactivity.
Next steps
Congratulations! You created a log out for authenticated users. Now you can learn about resetting a user's password: