feat:#2 logout 생성

FC-MINI-6 · Aug 1, 2023 · 9695006 · 9695006
1 parent c1fa648
commit 9695006
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 0 deletions.
diff --git a/src/main/java/com/example/kdtbe5_miniproject/_core/security/SecurityConfig.java b/src/main/java/com/example/kdtbe5_miniproject/_core/security/SecurityConfig.java
@@ -81,6 +81,13 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
         return http.build();
     }
 
+    protected void configure(HttpSecurity http)throws Exception {
+        http.logout()
+                .logoutSuccessUrl("/") //로그아웃 성공시 리다이렉트주소
+                .invalidateHttpSession(true) //로그아웃 이후 세션 전체 삭제 여부
+                .deleteCookies("JSSIONID");
+    }
+
     public CorsConfigurationSource configurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
         configuration.addAllowedHeader("*");

diff --git a/src/main/java/com/example/kdtbe5_miniproject/user/UserController.java b/src/main/java/com/example/kdtbe5_miniproject/user/UserController.java
@@ -14,12 +14,16 @@
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
 import org.springframework.validation.Errors;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
 import java.time.LocalDateTime;
 
@@ -67,4 +71,14 @@ private void addLoginHistory(HttpServletRequest request, CustomUserDetails myUse
 
         loginHistoryService.save(loginHistoryDTO);
     }
+
+    @GetMapping(value = "/logout")
+    public String logout(HttpServletRequest request, HttpServletResponse response) {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication != null) {
+            new SecurityContextLogoutHandler().logout(request, response, authentication);
+        }
+        return "redirect:/login";
+    }
+
 }