HTTP Basic Auth logout [duplicate]

泪湿孤枕 提交于 2021-01-28 07:09:24

问题


My server is running Apache and I used .htaccess for my basic auth. However, I want my users be able to cancel the auth (log out) with a button. Is it possible and how to do that?


回答1:


Basic Auth is not designed to manage log-out. If you would like to do it then you need to do the following:

1) Add a logout button to your page.

2) When user click on the log-out button send a blank username/password to the same URL as in case of normal log-in.

3) In the response you send back a “You have successfully logged out” page.

The original credentionals will be will overwriten with the empty (wrong) one.

Hope that it helps you.




回答2:


First of all, HTTP does not provide logout: HTTP/1.1. spec

But! You can redirect user to: http://newuser@www.example.com/



来源:https://stackoverflow.com/questions/44536225/http-basic-auth-logout

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!