From 7bc8fb4be4c345ef1cefa43540342d2dac65f23c Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Tue, 24 Oct 2017 23:20:24 +0300
Subject: www: delete correct cookie after logout

---
 .../main/java/com/juick/www/configuration/WebSecurityConfig.java    | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
index d19ad37d..3dc7bc76 100644
--- a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
+++ b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
@@ -48,6 +48,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Resource
     private UserService userService;
 
+    private final String COOKIE_NAME = "juick-remember-me";
+
     @Bean("userDetailsService")
     @Override
     public UserDetailsService userDetailsServiceBean() throws Exception {
@@ -81,7 +83,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .invalidateHttpSession(true)
                 .logoutUrl("/logout")
                 .logoutSuccessUrl("/login?logout")
-                .deleteCookies("hash", "remember-me")
+                .deleteCookies("hash", COOKIE_NAME)
                 .and()
                 .formLogin()
                 .loginPage("/login")
@@ -120,7 +122,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
         TokenBasedRememberMeServices services = new TokenBasedRememberMeServices(
                 rememberMeKey, userDetailsService());
 
-        services.setCookieName("juick-remember-me");
+        services.setCookieName(COOKIE_NAME);
         services.setCookieDomain(webDomain);
         services.setAlwaysRemember(true);
         services.setTokenValiditySeconds(6 * 30 * 24 * 3600);
-- 
cgit v1.2.3