auth: support redirecting to custom URL upon sign out (#8089)

Co-authored-by: ᴊᴏᴇ ᴄʜᴇɴ <jc@unknwon.io>
2026-03-03 18:51:06 +01:00 · 2026-01-17 02:14:26 +05:30
parent b8ab712819
commit b7010084b7
6 changed files with 16 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ All notable changes to Gogs are documented in this file.

 - Support using TLS for Redis session provider using `[session] PROVIDER_CONFIG = ...,tls=true`. [#7860](https://github.com/gogs/gogs/pull/7860)
 - Support expanading values in `app.ini` from environment variables, e.g. `[database] PASSWORD = ${DATABASE_PASSWORD}`. [#8057](https://github.com/gogs/gogs/pull/8057)
+- Support custom logout URL that users get redirected to after sign out using `[auth] CUSTOM_LOGOUT_URL`. [#8089](https://github.com/gogs/gogs/pull/8089)
 - Start publishing next-generation, security-focused Docker image via `gogs/gogs:next-latest`, which will become the default image distribution (`gogs/gogs:latest`) starting 0.15.0. While not all container options support have been added in the next-generation image, the use of current legacy Docker image is deprecated, it will be published as `gogs/gogs:legacy-latest` starting 0.15.0, and be completely removed starting 0.16.0. [#8061](https://github.com/gogs/gogs/pull/8061)

 ### Changed
--- a/conf/locale/locale_en-US.ini
+++ b/conf/locale/locale_en-US.ini
@@ -1274,6 +1274,7 @@ config.email.test_mail_failed = Failed to send test email to '%s': %v
 config.email.test_mail_sent = Test email has been sent to '%s'.

 config.auth_config = Authentication configuration
+config.auth_custom_logout_url = Custom logout URL
 config.auth.activate_code_lives = Activate code lives
 config.auth.reset_password_code_lives = Reset password code lives
 config.auth.require_email_confirm = Require email confirmation
--- a/internal/conf/static.go
+++ b/internal/conf/static.go
@@ -249,6 +249,7 @@ type AuthOpts struct {
 	EnableReverseProxyAuthentication   bool
 	EnableReverseProxyAutoRegistration bool
 	ReverseProxyAuthenticationHeader   string
+	CustomLogoutURL                    string `ini:"CUSTOM_LOGOUT_URL"`
 }

 // Authentication settings
--- a/internal/conf/testdata/TestInit.golden.ini
+++ b/internal/conf/testdata/TestInit.golden.ini
@@ -107,6 +107,7 @@ ENABLE_REGISTRATION_CAPTCHA=true
 ENABLE_REVERSE_PROXY_AUTHENTICATION=false
 ENABLE_REVERSE_PROXY_AUTO_REGISTRATION=false
 REVERSE_PROXY_AUTHENTICATION_HEADER=X-FORWARDED-FOR
+CUSTOM_LOGOUT_URL=

 [user]
 ENABLE_EMAIL_NOTIFICATION=true
--- a/internal/route/user/auth.go
+++ b/internal/route/user/auth.go
@@ -287,6 +287,10 @@ func SignOut(c *context.Context) {
 	c.SetCookie(conf.Security.CookieUsername, "", -1, conf.Server.Subpath)
 	c.SetCookie(conf.Security.CookieRememberName, "", -1, conf.Server.Subpath)
 	c.SetCookie(conf.Session.CSRFCookieName, "", -1, conf.Server.Subpath)
+	if conf.Auth.CustomLogoutURL != "" {
+		c.Redirect(conf.Auth.CustomLogoutURL)
+		return
+	}
 	c.RedirectSubpath("/")
 }

--- a/templates/admin/config.tmpl
+++ b/templates/admin/config.tmpl
@@ -308,6 +308,14 @@
 						<dd><i class="fa fa{{if .Auth.EnableReverseProxyAutoRegistration}}-check{{end}}-square-o"></i></dd>
 						<dt>{{.i18n.Tr "admin.config.auth.reverse_proxy_authentication_header"}}</dt>
 						<dd><code>{{.Auth.ReverseProxyAuthenticationHeader}}</code></dd>
+						<dt>{{.i18n.Tr "admin.config.auth_custom_logout_url"}}</dt>
+						<dd>
+							{{if .Auth.CustomLogoutURL}}
+								<code>{{.Auth.CustomLogoutURL}}</code>
+							{{else}}
+								<i>{{.i18n.Tr "admin.config.not_set"}}</i>
+							{{end}}
+						</dd>
 					</dl>
 				</div>