www: delete correct cookie after logout

1 files changed, 4 insertions, 2 deletions

diff --git a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
index d19ad37d..3dc7bc76 100644
--- a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
+++ b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
@@ -48,6 +48,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Resource
     private UserService userService;
 
+    private final String COOKIE_NAME = "juick-remember-me";
+
     @Bean("userDetailsService")
     @Override
     public UserDetailsService userDetailsServiceBean() throws Exception {
@@ -81,7 +83,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .invalidateHttpSession(true)
                 .logoutUrl("/logout")
                 .logoutSuccessUrl("/login?logout")
-                .deleteCookies("hash", "remember-me")
+                .deleteCookies("hash", COOKIE_NAME)
                 .and()
                 .formLogin()
                 .loginPage("/login")
@@ -120,7 +122,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
         TokenBasedRememberMeServices services = new TokenBasedRememberMeServices(
                 rememberMeKey, userDetailsService());
 
-        services.setCookieName("juick-remember-me");
+        services.setCookieName(COOKIE_NAME);
         services.setCookieDomain(webDomain);
         services.setAlwaysRemember(true);
         services.setTokenValiditySeconds(6 * 30 * 24 * 3600);