logout 기능 대체 #291
Merged
logout 기능 대체 #291
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
YangSiJun528
requested review from
chanwoo00106,
siwony and
jyeonjyan
as code owners
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
개요
세션이 존재하지 않은 상태에서 로그아웃 시 500 에러가 발생하고, whitelabel 페이지로 이동하는 문제가 있습니다.
자세한 내용은 #290 를 참고해주세요.
해당 문제를 해결하기 위해 로그아웃 기능을 새롭게 구현하여 대체하였습니다.
본문
기존의 HttpSecurity에서 제공하는 로그아웃 기능을 Controller로 구현하여 대체하였습니다.
로그인한 상태의 사용자만 SecurityContextLogoutHandler의 로그아웃을 호출하도록 변경하여, 로그아웃이 이루어지도록 구현하였습니다.
세션이 없는 사용자가 요청하더라도
AnonymousAuthenticationFilter를 거친 후에는AnonymousAuthenticationToken이 할당된 상태이기 때문에 인증 토큰을 문제 없이 가져올 수 있습니다.