Login and Logout

Klub provides login and logout endpoints that integrate with Kirby users while enforcing CSRF and rate limits. Use this page if you want classic email/password auth.

Login

POST /klub/login

Required fields:

  • email
  • password
  • token (CSRF)

Optional:

  • redirect (safe same-origin redirect)
  • captcha / cf-turnstile-response if configured

Notes:

  • If the user has a boolean blocked field set to true, the login is denied with a 403 response.

Logout

POST /klub/logout

Required fields:

  • token (CSRF)

Optional:

  • redirect

Example

<form method="post" action="<?= site()->url() ?>/klub/login">
  <input type="email" name="email" required>
  <input type="password" name="password" required>
  <input type="hidden" name="token" value="<?= csrf() ?>">
  <input type="hidden" name="redirect" value="<?= url('account') ?>">
  <button type="submit">Sign in</button>
</form>
Magic Link Login
Resources
Legal
Support
Services
Kirby Klub is not affiliated with the developers of Kirby CMS. We are merely standing on the shoulder of giants.
© 2026 Bruno Meilick All rights reserved.