logout provider

[tommysalt]

The logout handler in the example has a path param provider, but its purpose isn't obvious.

goth/examples/main.go

Lines 244 to 248 in 4b34e17

	p.Get("/logout/{provider}", func(res http.ResponseWriter, req *http.Request) {
	gothic.Logout(res, req)
	res.Header().Set("Location", "/")
	res.WriteHeader(http.StatusTemporaryRedirect)
	})

It only calls gothic.Logout(res, req):

goth/gothic/gothic.go

Lines 239 to 252 in 4b34e17

	// Logout invalidates a user session.
	func Logout(res http.ResponseWriter, req *http.Request) error {
	session, err := Store.Get(req, SessionName)
	if err != nil {
	return err
	}
	session.Options.MaxAge = -1
	session.Values = make(map[interface{}]interface{})
	err = session.Save(req, res)
	if err != nil {
	return errors.New("Could not delete user session ")
	}
	return nil
	}

As Logout only clears the session, I assume it's used to invalidate the session if the user breaks the auth flow prematurely. At this point it isn't really a logout but rather a reset. I don't see a reason to scope /logout to a provider, if anything, it makes logging out more difficult because we have to track the provider (e.g. session cookie).