Charles-Edouard
/
Easy_solution
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

implement logout functionality and improve SSO logout process

This commit is contained in:
mathis 2026-02-26 17:03:51 +01:00
parent 8f35520311
commit d50a6bd238
2 changed files with 25 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config/packages/security.yaml
View File

@ -59,9 +59,10 @@ security:
enable_csrf: true enable_csrf: true
default_target_path: app_index default_target_path: app_index
use_referer: true use_referer: true
# logout: logout:
# path: app_logout path: app_logout
# target: app_login enable_csrf: false
target: app_login
# activate different ways to authenticate # activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall # https://symfony.com/doc/current/security.html#the-firewall

31
src/Controller/SecurityController.php
View File

@ -48,22 +48,33 @@ class SecurityController extends AbstractController
]); ]);
} }
#[Route(path: '/sso_logout', name: 'sso_logout')] #[Route(path: '/logout', name: 'app_logout')]
public function ssoLogout(RequestStack $stack, LoggerInterface $logger, AccessTokenService $accessTokenService, Security $security): Response public function logout(): void
{ {
throw new \Exception('This should never be reached!');
}
#[Route(path: '/sso_logout', name: 'sso_logout')]
public function ssoLogout(AccessTokenService $accessTokenService): Response
{
$this->logger->info('SSO Logout called from EasyCheck');
try { try {
$user = $this->userService->getUserByIdentifier($this->security->getUser()->getUserIdentifier()); $user = $this->getUser();
$id = $user->getId(); if ($user) {
if ($stack->getSession()->invalidate()) { $id = $user->getId();
$accessTokenService->revokeUserTokens($security->getUser()->getUserIdentifier()); $this->logger->info('Revoking tokens for user', ['user_id' => $id]);
$security->logout(false); $accessTokenService->revokeUserTokens($user->getUserIdentifier());
$this->loggerService->logUserConnection('User logged out', ['user_id' => $id]); $this->loggerService->logUserConnection('User logged out', ['user_id' => $id]);
return $this->redirect('/'); } else {
$this->logger->warning('No user found during SSO logout');
} }
} catch (\Exception $e) { } catch (\Exception $e) {
$logger->log(LogLevel::ERROR, 'Error invalidating session: ' . $e->getMessage()); $this->logger->log(LogLevel::ERROR, 'Error during SSO logout: ' . $e->getMessage());
} }
return $this->redirectToRoute('app_index');
$this->logger->info('Redirecting to app_logout');
return $this->redirectToRoute('app_logout');
} }
#[Route(path: '/consent', name: 'app_consent')] #[Route(path: '/consent', name: 'app_consent')]