implement logout functionality and improve SSO logout process

This commit is contained in:
mathis 2026-02-26 17:03:51 +01:00
parent 8f35520311
commit d50a6bd238
2 changed files with 25 additions and 13 deletions


@ -59,9 +59,10 @@ security:
enable_csrf: true
default_target_path: app_index
use_referer: true
# logout:
# path: app_logout
# target: app_login
logout:
path: app_logout
enable_csrf: false
target: app_login
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall

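Review bot: `enable_csrf: false` on the new logout block makes GET /logout an unauthenticated state change: any third-party page can sign the user out with `<img src="https://app/logout">`, which is exactly what the logout CSRF token exists to prevent, and it sits right next to a form_login that keeps `enable_csrf: true`. It looks like it was disabled so that the `sso_logout` handler's `redirectToRoute('app_logout')` can land here without a token; keeping `enable_csrf: true` and having that handler call `Security::logout(false)` itself (as the removed code did), or linking /logout through the `logout_path()` helper, which embeds the token, avoids weakening the firewall for every user. If it must stay off, record the reason and the consequence inline: `enable_csrf: false # sso_logout redirects here without a token; a cross-site GET can force a logout`.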

@ -48,22 +48,33 @@ class SecurityController extends AbstractController
]);
}
#[Route(path: '/sso_logout', name: 'sso_logout')]
public function ssoLogout(RequestStack $stack, LoggerInterface $logger, AccessTokenService $accessTokenService, Security $security): Response
#[Route(path: '/logout', name: 'app_logout')]
public function logout(): void
{
throw new \Exception('This should never be reached!');
}
#[Route(path: '/sso_logout', name: 'sso_logout')]
public function ssoLogout(AccessTokenService $accessTokenService): Response
{
$this->logger->info('SSO Logout called from EasyCheck');
try {
$user = $this->userService->getUserByIdentifier($this->security->getUser()->getUserIdentifier());
$id = $user->getId();
if ($stack->getSession()->invalidate()) {
$accessTokenService->revokeUserTokens($security->getUser()->getUserIdentifier());
$security->logout(false);
$user = $this->getUser();
if ($user) {
$id = $user->getId();
$this->logger->info('Revoking tokens for user', ['user_id' => $id]);
$accessTokenService->revokeUserTokens($user->getUserIdentifier());
$this->loggerService->logUserConnection('User logged out', ['user_id' => $id]);
return $this->redirect('/');
} else {
$this->logger->warning('No user found during SSO logout');
}
} catch (\Exception $e) {
$logger->log(LogLevel::ERROR, 'Error invalidating session: ' . $e->getMessage());
$this->logger->log(LogLevel::ERROR, 'Error during SSO logout: ' . $e->getMessage());
}
return $this->redirectToRoute('app_index');
$this->logger->info('Redirecting to app_logout');
return $this->redirectToRoute('app_logout');
}
#[Route(path: '/consent', name: 'app_consent')]
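Review bot: ssoLogout revokes the current user's access tokens and then chains to /logout on a plain GET, with no check visible in the hunk that the request actually came from the identity provider (no logout token, `sid` or CSRF token is read), so any cross-site `<img src="/sso_logout">` forces a logout plus token revocation for whoever is signed in. If EasyCheck's front-channel logout must reach this URL via a browser redirect, validate something it can supply before calling `revokeUserTokens`, or at least state the exposure above the route: `// NOTE: reachable by unauthenticated GET; any site can trigger logout/revocation for the current session`. The session is no longer invalidated here (the old `invalidate()` / `$security->logout(false)` calls are gone) and depends on the client following the redirect to app_logout; a back-channel call with no session cookie hits the `No user found` branch and revokes nothing, which deserves a comment if that flow is expected. The `catch (\Exception)` also swallows a failed revocation and still redirects, leaving the session closed but tokens live, so log it at error with the user id, which the new message drops. Minor: `logout()` always throws, so `public function logout(): never` describes it better than `: void` if the project targets PHP 8.1+.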