Logout path "#s=-1"

I am trying to override the logout Continue by passing “/auth/logout?continue=/” but it’s still appending the hash “#s=-1”. This breaks our angular app because it then gets routed to “www.domain.com/s=-1”.

What is the point of “#s=-1” and can it be not added if a Continue parameter is passed?

taken this post as example, you could override the Logout method in your CredentialsAuthProvider and do something like:

public override object Logout(IServiceBase service, Authenticate request)
{
    var logoutResponse = base.Logout(service, request);

    if (!string.IsNullOrWhiteSpace(request.Continue))
    {
        return new HttpResult()
        {
            StatusCode = HttpStatusCode.Redirect,
            Headers = {
                {
                    HttpHeaders.Location, request.Continue
                }
            }
        };
    }

    return logoutResponse;
}

this will, if the logout call would be:

http://localhost:11157/auth/logout?continue=/abc/def.aspx

redirect to:

http://localhost:11157/abc/def.aspx

I hope it helps

1 Like

You can also change the redirect params to use the querystring with:

SetConfig(new HostConfig {
    AddRedirectParamsToQueryString = true
});

This is also what the techstacks.io AngularJS App uses.

Thanks, I’ll add that in.

What does /?s=-1 actually do? Reset the session or just provide a non-cached response?

They don’t do anything, they’re just notifications about the authentication attempt that your app can query to show the user whatever it needs to.

It should be ?s=1 for a successful login or something like ?f=UserNameAlreadyExists for a failed response. You can find other failure codes in the AuthProvider or OAuthProvider classes.

@balexandre FYI, there’s also a helper for redirects, i.e:

return HttpResult.Redirect(request.Continue);
1 Like