You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was expecting to receive a 400 status code when submitting a POST request for log-out if there is no user logged in - because we can't log someone out who wasn't logged in in the first place! However, it looks like I am getting back 200 status codes regardless of whether the user in question was previously logged in or logged out. Seems odd.
The text was updated successfully, but these errors were encountered:
I was expecting to receive a 400 status code when submitting a POST request for log-out if there is no user logged in - because we can't log someone out who wasn't logged in in the first place! However, it looks like I am getting back 200 status codes regardless of whether the user in question was previously logged in or logged out. Seems odd.
@edmundsj You are right, returning a 200 status code for a logout request if the user is not authenticated is not considered to be the best practice. A 400 status code, or Bad Request, would be more appropriate in this case, as it indicates that the request is malformed or incorrect in some way.
I was expecting to receive a 400 status code when submitting a
POST
request for log-out if there is no user logged in - because we can't log someone out who wasn't logged in in the first place! However, it looks like I am getting back 200 status codes regardless of whether the user in question was previously logged in or logged out. Seems odd.The text was updated successfully, but these errors were encountered: