User Logout
- Logging out a user from a particular device can be done by revoking that user's session, either via a Session object or via a sessionHandle.
- If you want to revoke all sessions belonging to a user, you will only need their userId.
If you do not have a session object
If you can get the Session object, use that since revoking a session using that will also take care of clearing the cookies for you.
If you have a session object
Please see the Session Object section for more information
If you have a sessionHandle
Call the revokeSessionUsingSessionHandle function: API Reference
supertokens.revokeSessionUsingSessionHandle(sessionHandle);
- Use this to logout a user from their current session
- Does not clear any cookies, so the browser keeps sending its old session cookies until they are cleared or fail verification.
If you have a userId
Call the revokeAllSessionsForUser function: API Reference
supertokens.revokeAllSessionsForUser(userId);
- Use this to logout a user from all their devices.
- Does not clear any cookies, so each device keeps sending its old session cookies until they are cleared or fail verification.
Example
const supertokens = require("supertokens-node");
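// Example using the Session object.
// NOTE(review): app.use() matches every HTTP method and any path under "/logout";
// a state-changing logout route is usually restricted to POST. Confirm what the
// frontend sends before narrowing it.
app.use("/logout", async function (req, res) {
    // The handler has to be async because the body awaits getSession() and
    // revokeSession(); with a plain function the awaits are a syntax error.
    let session;
    try {
        // First we verify the session.
        session = await supertokens.getSession(req, res, true);
    } catch (err) {
        // See verify session page to handle errors here.
        // Whatever handling is chosen, the request must end here: without a
        // verified session there is nothing to revoke, and falling through
        // would call revokeSession() on undefined. The status and message
        // below are placeholders for that handling.
        res.status(401).send("Session verification failed");
        return;
    }

    try {
        // Revoking through the Session object also clears the session cookies.
        await session.revokeSession();
        res.send("Success! Go to login page");
    } catch (err) {
        // Keep the details in the server log and return a generic body; sending
        // the raw error object to the client can expose internal information.
        if (supertokens.Error.isErrorFromAuth(err)) { // GENERAL_ERROR
            console.error("Session revocation failed inside supertokens lib", err);
        } else {
            console.error("Session revocation failed", err);
        }
        res.status(500).send("Something went wrong");
    }
});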
//----------------------------------------
// example using sessionHandle
/**
 * Revokes the single session identified by `sessionHandle`.
 *
 * No cookies are cleared by this call. Errors are logged and swallowed, so the
 * returned promise always resolves with no value.
 *
 * @param sessionHandle handle of the session to revoke
 */
async function logoutUsingSessionHandle(sessionHandle) {
    try {
        const revoked = await supertokens.revokeSessionUsingSessionHandle(sessionHandle);
        if (!revoked) {
            // either sessionHandle is invalid, or session was already removed.
            // your code here..
            return;
        }
        // the session was revoked.
        // your code here..
    } catch (err) {
        const message = supertokens.Error.isErrorFromAuth(err) // GENERAL_ERROR
            ? "Something went wrong from supertokens lib"
            : "Something went wrong";
        console.log(message);
    }
}
//----------------------------------------
// example using userId
/**
 * Revokes every session belonging to `userId`, logging the user out of all
 * their devices.
 *
 * No cookies are cleared by this call. Errors are logged and swallowed, so the
 * returned promise always resolves with no value.
 *
 * @param userId id of the user whose sessions are revoked
 */
async function logoutAllSessionForUser(userId) {
    try {
        await supertokens.revokeAllSessionsForUser(userId);
    } catch (err) {
        const message = supertokens.Error.isErrorFromAuth(err) // GENERAL_ERROR
            ? "Something went wrong from supertokens lib"
            : "Something went wrong";
        console.log(message);
    }
}
import * as supertokens from "supertokens-node";
import { Request, Response } from "express";
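// Example using the Session object.
// NOTE(review): app.use() matches every HTTP method and any path under "/logout";
// a state-changing logout route is usually restricted to POST. Confirm what the
// frontend sends before narrowing it.
app.use("/logout", async function (req: Request, res: Response) {
    // The handler has to be async because the body awaits getSession() and
    // revokeSession(); with a plain function the awaits do not compile.
    let session;
    try {
        // First we verify the session.
        session = await supertokens.getSession(req, res, true);
    } catch (err: unknown) {
        // See verify session page to handle errors here.
        // Whatever handling is chosen, the request must end here: without a
        // verified session there is nothing to revoke, and falling through
        // would call revokeSession() on undefined. The status and message
        // below are placeholders for that handling.
        res.status(401).send("Session verification failed");
        return;
    }

    try {
        // Revoking through the Session object also clears the session cookies.
        await session.revokeSession();
        res.send("Success! Go to login page");
    } catch (err: unknown) {
        // Keep the details in the server log and return a generic body; sending
        // the raw error object to the client can expose internal information.
        if (supertokens.Error.isErrorFromAuth(err)) { // GENERAL_ERROR
            console.error("Session revocation failed inside supertokens lib", err);
        } else {
            console.error("Session revocation failed", err);
        }
        res.status(500).send("Something went wrong");
    }
});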
//----------------------------------------
// example using sessionHandle
/**
 * Revokes the single session identified by `sessionHandle`.
 *
 * No cookies are cleared by this call. Errors are logged and swallowed, so the
 * returned promise always resolves with no value.
 *
 * @param sessionHandle handle of the session to revoke
 */
async function logoutUsingSessionHandle(sessionHandle: string) {
    try {
        const revoked = await supertokens.revokeSessionUsingSessionHandle(sessionHandle);
        if (!revoked) {
            // either sessionHandle is invalid, or session was already removed.
            // your code here..
            return;
        }
        // the session was revoked.
        // your code here..
    } catch (err: any) {
        const message = supertokens.Error.isErrorFromAuth(err) // GENERAL_ERROR
            ? "Something went wrong from supertokens lib"
            : "Something went wrong";
        console.log(message);
    }
}
//----------------------------------------
// example using userId
/**
 * Revokes every session belonging to `userId`, logging the user out of all
 * their devices.
 *
 * No cookies are cleared by this call. Errors are logged and swallowed, so the
 * returned promise always resolves with no value.
 *
 * @param userId id of the user whose sessions are revoked
 */
async function logoutAllSessionForUser(userId: string) {
    try {
        await supertokens.revokeAllSessionsForUser(userId);
    } catch (err: any) {
        const message = supertokens.Error.isErrorFromAuth(err) // GENERAL_ERROR
            ? "Something went wrong from supertokens lib"
            : "Something went wrong";
        console.log(message);
    }
}