# destroy cookie, destroy session
# keep device cookie
new_session
- SET_COOKIE 0 session=""
- SET_COOKIE 0 user_id=""
+ SESSION_COOKIE new
+ SET_COOKIE 0 user_id="" Path="/${_BASE#/}" SameSite=Strict HttpOnly
REDIRECT "${_BASE}${PATH_INFO}#USER_LOGGED_OUT"
}
elif [ "$USER_ID" ]; then
cat <<-EOF
[form #user_login .logout method=POST
- [p You are currently logged in as "${USER_NAME}"]
+ [p Logged in as [span . $(HTML ${USER_NAME})]]
[submit "action" "user_logout" Logout]
]
EOF