Make basic auth logout change realm
This commit is contained in:
parent
446d484296
commit
65c69e3769
1 changed files with 10 additions and 8 deletions
18
logout.php
18
logout.php
|
|
@ -1,10 +1,12 @@
|
||||||
<?php
|
<?php
|
||||||
|
$secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
|
||||||
|
setcookie('mvlog_realm', bin2hex(random_bytes(8)), [
|
||||||
|
'expires' => time() + 31536000,
|
||||||
|
'path' => '/mvlog',
|
||||||
|
'secure' => $secure,
|
||||||
|
'httponly' => true,
|
||||||
|
'samesite' => 'Lax',
|
||||||
|
]);
|
||||||
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
|
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
|
||||||
?>
|
header('Location: index.php');
|
||||||
<!doctype html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>Log off MVLog</title><link rel="stylesheet" href="style.css"></head><body>
|
exit;
|
||||||
<header class="site-header"><a class="brand" href="index.php"><h1>MVLog</h1><p>Bubulescu.Org</p></a></header>
|
|
||||||
<main><section><p>Logging off…</p><p class="details">If your browser keeps the session, close the browser tab/window.</p></section></main>
|
|
||||||
<script>
|
|
||||||
fetch("new.php?logout=1", {headers: {"Authorization": "Basic " + btoa("logout:logout")}, cache: "no-store"}).finally(function(){ location.href = "index.php"; });
|
|
||||||
</script>
|
|
||||||
</body></html>
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue