From 6b96d8ba8330dff9b25cb3e00c75c6ea20134ca8 Mon Sep 17 00:00:00 2001
From: Alexander Alexeev
Date: Wed, 5 Apr 2017 19:14:12 +0700
Subject: remove old cookies on logout

---
 .../main/java/com/juick/www/configuration/WebSecurityConfig.java    | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'juick-www/src/main/java/com/juick/www/configuration')

diff --git a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
index d3aa9e81..dde67aa1 100644
--- a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
+++ b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
@@ -55,7 +55,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .and()
                 .sessionManagement().invalidSessionUrl("/")
                 .and()
-                .logout().invalidateHttpSession(true).logoutUrl("/logout").logoutSuccessUrl("/login?logout")
+                .logout()
+                .invalidateHttpSession(true)
+                .logoutUrl("/logout")
+                .logoutSuccessUrl("/login?logout")
+                .deleteCookies("hash", "remember-me")
                 .and()
                 .formLogin()
                 .loginPage("/login")
-- 
cgit v1.2.3