restfeathersjsfeathers-authentication

Logout using FeathersJS REST API

Using freshly generated FeathersJS application (local auth), I am doing following REST api calls with following behaviour:

  1. GET /users - it FAILS with not-authorized
  2. POST /authentication with username and password - successful
  3. GET /users - it SUCCEEDS and returns list of users
  4. DELETE /authentication - returns auth object, no error messages (and on server side logout event is generated)
  5. GET /users - it SUCCEEDS and returns list of users

expected result from my side is that on step 5 I would get not-authorized error, as JWT token would be expired after logout on server side.

what am I doing wrong? how can I logout user properly using just REST api, so token would be invalidated? or authentication is meant to be used only in conjunction with FeathersJS client libraries?

p.s. I am trying out FeathersJS as a potential solution for backend REST API for my Flutter app. Hence I am interested only in server side implementation of FeathersJS.

Solution

  • FeathersJS is stateless. So, in your client, just set your access token to null.