Fix logout triggering 404 error

See https://talk.tiddlywiki.org/t/logout-error-xmlhttprequest-error-code-404/5590/5 for details

We can't POST to the logout endpoint without triggering authentication, so we report in advance whether logout is supported.

core/modules/server/routes/get-status.js

@@ -21,6 +21,7 @@ exports.handler = function(request,response,state) {
 		username: state.authenticatedUsername || state.server.get("anon-username") || "",
 		anonymous: !state.authenticatedUsername,
 		read_only: !state.server.isAuthorized("writers",state.authenticatedUsername),
+		logout_is_available: false,
 		space: {
 			recipe: "default"
 		},

editions/tw5.com/tiddlers/webserver/WebServer API_ Get Server Status.tid

@@ -25,6 +25,7 @@ The JSON data returned comprises the following properties:
 * ''username'' - the username of the currently authenticated user. If undefined, the [[WebServer Parameter: anon-username]] is returned instead
 * ''anonymous'' - true if the current user is anonymous
 * ''read_only'' - true if the current user is restricted to read only access to the server
+* ''logout_is_available'' - true if the server supports logging out (optional, defaults to true)
 * ''space'' - always contains the object `{recipe: "default"}`
 * ''tiddlywiki_version''  - the current TiddlyWiki version
 

plugins/tiddlywiki/tiddlyweb/tiddlywebadaptor.js

@@ -23,6 +23,7 @@ function TiddlyWebAdaptor(options) {
 	this.logger = new $tw.utils.Logger("TiddlyWebAdaptor");
 	this.isLoggedIn = false;
 	this.isReadOnly = false;
+	this.logoutIsAvailable = true;
 }
 
 TiddlyWebAdaptor.prototype.name = "tiddlyweb";
@@ -91,6 +92,7 @@ TiddlyWebAdaptor.prototype.getStatus = function(callback) {
 				self.isLoggedIn = json.username !== "GUEST";
 				self.isReadOnly = !!json["read_only"];
 				self.isAnonymous = !!json.anonymous;
+				self.logoutIsAvailable = "logout_is_available" in json ? !!json["logout_is_available"] : true;
 			}
 			// Invoke the callback if present
 			if(callback) {
@@ -127,6 +129,7 @@ TiddlyWebAdaptor.prototype.login = function(username,password,callback) {
 /*
 */
 TiddlyWebAdaptor.prototype.logout = function(callback) {
+	if(this.logoutIsAvailable) {
 		var options = {
 			url: this.host + "logout",
 			type: "POST",
@@ -134,7 +137,7 @@ TiddlyWebAdaptor.prototype.logout = function(callback) {
 				csrf_token: this.getCsrfToken(),
 				tiddlyweb_redirect: "/status" // workaround to marginalize automatic subsequent GET
 			},
-		callback: function(err,data) {
+			callback: function(err,data,xhr) {
 				callback(err);
 			},
 			headers: {
@@ -144,6 +147,10 @@ TiddlyWebAdaptor.prototype.logout = function(callback) {
 		};
 		this.logger.log("Logging out:",options);
 		$tw.utils.httpRequest(options);
+	} else {
+		alert("This server does not support logging out. If you are using basic authentication the only way to logout is close all browser windows");
+		callback(null);
+	}
 };
 
 /*