I have been playing with Auth of fatfree using two routes login and logout. The first time I used login in a url the dialogue box came up asking for username and password. After typing in a username which exists in the table field 'user_name' and password in field 'user-pass' I got true for $result so web page displayed it works. Interestingly I have not got code new Session(); anywhere yet when i then went to url /logout echo $f3->get('SESSION.pass'); was correctly displayed suggesting Auth starts a session.
In my /logout route after echo $f3->get('SESSION.pass');
I have $f3->clear('SESSION');.
Yet if I then flip back between /login url and logout url, the dialogue box no longer shows and logout still displays '1234' which is SESSION.pass. I would have thought that after going to /logout url the session would clear, so after going back to /login url i though it would bring up the login dialogue box to login.
In a nutshell my question is "how do you logout of Auth"? The documentation doesn't seem to mention it.
$f3->route('GET /login',
function($f3)
{
$db = new \DB\SQL('mysql:host=localhost;port=3306; dbname=accra_names2','root','victoria');
$user = new DB\SQL\Mapper($db, 'users');
$auth = new \Auth($user, array('id'=>'user_name', 'pw'=>'user_pass'));
$result = $auth->basic(); // a network login prompt will display to authenticate the user
$f3->set('SESSION.pass','1234');
if($result)
//result true
{
echo "it works";
}
}
);
$f3->route('GET /logout',
function($f3)
{
echo "you want to log out ";
echo $f3->get('SESSION.pass');
$f3->clear('SESSION');
}
);
Actually your question is "how to logout from HTTP basic auth". There are several topics and answers about it here on SO, like this one How to log out user from web site using BASIC authentication? So if you want full control about the login/logoff mechanisms you go probably better with own html forms instead of the browsers basic login box.