From 9e8876d34ec8c7993b9fca450ee381d82f2ed2ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20Cocula?= <rcocula@gmail.com>
Date: Tue, 3 Jan 2017 21:20:42 +0100
Subject: [PATCH] Fix logout

---
 .../player/controller/LoginController.java       | 16 ++++++++++++++--
 .../src/main/webapp/WEB-INF/jsp/top.jsp          |  2 +-
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/libresonic-main/src/main/java/org/libresonic/player/controller/LoginController.java b/libresonic-main/src/main/java/org/libresonic/player/controller/LoginController.java
index 11c5a86f..4bfa6a50 100644
--- a/libresonic-main/src/main/java/org/libresonic/player/controller/LoginController.java
+++ b/libresonic-main/src/main/java/org/libresonic/player/controller/LoginController.java
@@ -6,7 +6,10 @@ import org.libresonic.player.service.SecurityService;
 import org.libresonic.player.service.SettingsService;
 import org.libresonic.player.util.StringUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -22,7 +25,6 @@ import java.util.Map;
  * Spring MVC Controller that serves the login page.
  */
 @Controller
-@RequestMapping("/login")
 public class LoginController {
 
 
@@ -33,7 +35,7 @@ public class LoginController {
     @Autowired
     private SettingsService settingsService;
 
-    @RequestMapping(method = { RequestMethod.GET, RequestMethod.POST })
+    @RequestMapping(value = "/login", method = { RequestMethod.GET, RequestMethod.POST })
     public ModelAndView login(HttpServletRequest request, HttpServletResponse response) throws Exception {
 
         // Auto-login if "user" and "password" parameters are given.
@@ -62,4 +64,14 @@ public class LoginController {
         return new ModelAndView("login", "model", map);
     }
 
+    @RequestMapping(value="/logout", method = RequestMethod.GET)
+    public String logoutPage (HttpServletRequest request, HttpServletResponse response) {
+        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+        if (auth != null){
+            LOG.info("User "+auth.getName()+" requested logout.");
+            new SecurityContextLogoutHandler().logout(request, response, auth);
+        }
+        return "redirect:/login?logout";
+    }
+
 }
diff --git a/libresonic-main/src/main/webapp/WEB-INF/jsp/top.jsp b/libresonic-main/src/main/webapp/WEB-INF/jsp/top.jsp
index 28791bfa..424795bb 100644
--- a/libresonic-main/src/main/webapp/WEB-INF/jsp/top.jsp
+++ b/libresonic-main/src/main/webapp/WEB-INF/jsp/top.jsp
@@ -146,7 +146,7 @@
 
             <div class="detail">
                 <fmt:message key="top.logout" var="logout"><fmt:param value="${model.user.username}"/></fmt:message>
-                <a href="j_spring_security_logout" target="_top">${fn:escapeXml(logout)}</a>
+                <a href="/logout" target="_top">${fn:escapeXml(logout)}</a>
             </div>
         </td>