feat: add logout endpoint and refactor cookie management in AuthController

2026-04-14 12:13:02 +08:00
parent 8fbb73740c
commit 1fc7b932bc
3 changed files with 19 additions and 2 deletions
@@ -45,8 +45,8 @@ public class SecurityConfig {
.authorizeHttpRequests((customiser) -> customiser
.requestMatchers("/error", "/error/**").permitAll()
.requestMatchers("/captcha", "/captcha/**").permitAll()
.requestMatchers("/auth/**").permitAll()
.requestMatchers("/auth/logout").authenticated()
.requestMatchers("/auth/**").permitAll()
.requestMatchers(
"/swagger-ui.html",
"/swagger-ui",
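Review bot: The relative order of the two added matchers at L13–L14 is load-bearing and nothing records it: Spring Security evaluates `requestMatchers` in declaration order with first match winning, so the `/auth/logout` rule only takes effect because it sits above the `/auth/**` `permitAll()`. A one-line comment above L13 would protect it from a later reorder: `// order matters: the specific /auth/logout rule must precede the /auth/** permitAll()`. Note also that `authenticated()` means a request whose cookie is absent or already expired is rejected at the filter and never reaches the handler that clears the cookie; if an idempotent logout is wanted, `permitAll()` with an unconditional cookie clear would be the alternative, but that is a design choice the hunk does not settle. The enclosing `SecurityConfig` method starts and ends outside the hunk.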
@@ -5,6 +5,7 @@ import com.onixbyte.deltaforceguide.domain.dto.UserResponse;
import com.onixbyte.deltaforceguide.client.TokenClient;
import com.onixbyte.deltaforceguide.service.AuthService;
import com.onixbyte.deltaforceguide.service.CookieService;
import com.onixbyte.deltaforceguide.shared.CookieName;
import jakarta.validation.Valid;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseEntity;
@@ -13,6 +14,8 @@ import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.time.Duration;
@RestController
@RequestMapping("/auth")
public class AuthController {
@@ -31,10 +34,18 @@ public class AuthController {
public ResponseEntity<UserResponse> login(@Valid @RequestBody LoginRequest request) {
var user = authService.login(request);
var accessToken = tokenClient.generateToken(user);
var accessTokenCookie = cookieService.buildCookie("AccessToken", accessToken);
var accessTokenCookie = cookieService.buildCookie(CookieName.ACCESS_TOKEN, accessToken);
return ResponseEntity.ok()
.header(HttpHeaders.SET_COOKIE, accessTokenCookie.toString())
.body(UserResponse.from(user));
}
@PostMapping("/logout")
public ResponseEntity<Void> logout() {
var expiredCookie = cookieService.buildCookie(CookieName.ACCESS_TOKEN, "", Duration.ZERO);
return ResponseEntity.noContent()
.header(HttpHeaders.SET_COOKIE, expiredCookie.toString())
.build();
}
}
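Review bot: `logout()` at L44–L49 only expires the browser-side cookie; if `tokenClient.generateToken` issues a self-contained token (the hunk does not show this), the token stays valid until its own expiry for anyone who has a copy, so server-side revocation or a short token lifetime is what actually ends the session. A Javadoc on `logout()` should state that contract explicitly, e.g. `Clears the access-token cookie; does not revoke the token server-side.` Separately, the browser only discards the cookie when the expiring `Set-Cookie` carries the same Path/Domain/Secure attributes as the one issued by `login`, which here depends on the three-argument `buildCookie` overload applying the same defaults as the two-argument one — worth confirming in `CookieService`.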
@@ -0,0 +1,6 @@
package com.onixbyte.deltaforceguide.shared;
public class CookieName {
public static final String ACCESS_TOKEN = "AccessToken";
}
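Review bot: `CookieName` at L53 is a pure constants holder but can still be instantiated and subclassed; the usual idiom for such classes is `public final class CookieName { private CookieName() {} public static final String ACCESS_TOKEN = "AccessToken"; }`. A short class-level Javadoc stating that these are the cookie names shared between `AuthController` and `SecurityConfig` would also help readers find every place a rename must be applied.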