This endpoint requires the caller to be authenticated (Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Andrespeerez/porfolio-blog/llms.txt
Use this file to discover all available pages before exploring further.
.RequireAuthorization() is applied at registration time). It delegates to LogoutUser.ExecuteAsync(), which calls ISessionManager.SignOutAsync() — implemented by CookieSessionManager — to clear the ASP.NET Core authentication cookie. Once the cookie is invalidated, the server issues a 302 Found redirect to /login, returning the browser to the public login page.
Request
Method
POSTPath
/api/auth/logout.AspNetCore.Cookies authentication cookie issued by POST /api/auth/login. Requests without a valid cookie are rejected with 401 Unauthorized.
Request body: None. This endpoint takes no parameters.
Request example
cURL
Responses
302 Found
Logout succeeded. The authentication cookie is expired via
Set-Cookie, and the client is redirected to /login.401 Unauthorized
The request was not authenticated. No valid authentication cookie was present. The user is effectively already logged out.
Response example
302 Found
Response fields
Always
/login. The redirect is hard-coded in the handler via Results.Redirect("/login").The authentication cookie is overwritten with an empty value and a past expiry date, causing the browser to delete it immediately.
Antiforgery note
This endpoint has
.DisableAntiforgery() applied at registration. This allows the Admin.razor HTML <form> to submit POST /api/auth/logout without an antiforgery token. This is intentional: Blazor’s built-in antiforgery token infrastructure is not automatically available to standard HTML forms rendered outside a Blazor form context, so requiring it here would cause all logout attempts from the admin UI to fail with a 400 Bad Request.Source reference
The full endpoint registration and handler are defined inApi/Auth/Logout.cs:
Logout.cs
LogoutUser use case delegates sign-out to the ISessionManager abstraction:
LogoutUser.cs
Program.cs alongside the login route:
Program.cs