Simplify ProfileDropdown logout logic by redirecting to /logout and update nginx.conf to restrict /logout to GET and POST methods only.

2025-06-14 10:04:54 +02:00
parent 3fc0cf1207
commit 73541a7aa3
2 changed files with 3 additions and 2 deletions
--- a/nginx.conf
+++ b/nginx.conf
@@ -40,6 +40,8 @@ http {

    # Full logout: clears local session and redirects to Keycloak logout
    location = /logout {
+      limit_except GET POST { deny all; }  # allow both GET and POST
+
      access_by_lua_block {
        local session = require("resty.session").start()
        session:destroy()