Additional resources
In this section, we create a custom logout button that will:
You can clone the example logout button on CodePen and make edits, or follow along below.
The example form has the Userfront Core JS library added to the document, as described in the next section.
See the Pen by userfront (@userfront) on CodePen.
You can add the Userfront Core JS library by CDN or using npm.
You only need to do one of these.
Create your logout button with the elements you want to use.
In this case, we're using a custom-styled <button>
element that is red when active and gray if the user is not logged in.
<button id="logout-button" disabled> Logout</button>
#logout-button { background-color: red; color: white; border: none; padding: 5px 10px;}
#logout-button[disabled] { background-color: lightgray; color: gray;}
The logout() method allows you to log out a user.
Userfront then does the following:
// Sample: how to use Userfront.logout()Userfront.init("demo1234");Userfront.logout();
Userfront.logout()
will do nothing if the user is not logged in.
In the example code here, we do the following:
Userfront.tokens.accessToken
. If the user is logged in, this will return a value and the if
statement will evaluate to true
.buttonLogout()
function we can call to handle the button clickbuttonLogout()
when the form is submitted// Initialize UserfrontUserfront.init("demo1234");
// 1. Reference the buttonvar buttonEl = document.getElementById("logout-button");
// 2. Enable the button if the user is logged inif (Userfront.tokens.accessToken) { buttonEl.disabled = false;}
// 3. Log out the userfunction logout(e) { // Prevent the form's default behavior e.preventDefault(); // Call Userfront.logout() Userfront.logout();}
// 4. Add an event listener for the button clickbuttonEl.addEventListener("click", logout);
You are not required to show the button when the user is not logged in; usually the logout button is only shown on pages where the user must be logged in.
You can show a disabled state by adding the disabled
property to the button's HTML.
If the user is logged in, Userfront.tokens.accessToken
will return a value, so we can test against this and enable the button by setting buttonEl.disabled = false
. This removes the disabled
property from the button.
<button class="logout-button" disabled> Logout</button>
var buttonEl = document.getElementById("logout-button");
if (Userfront.tokens.accessToken) { buttonEl.disabled = false;}
Whenever Userfront.logout()
is called, the method makes an API call to Userfront to invalidate the user's current session and clear any refresh tokens.
The method then removes the access token and ID token cookies from the browser.
Once the user's session has been invalidated and their tokens have been cleared from the browser, the browser is redirected to your workspace's After-logout path.
If the user is not logged in and Userfront.logout()
is called, the browser will not be redirected.