Simplify ProfileDropdown logout logic by redirecting to /logout and update nginx.conf to restrict /logout to GET and POST methods only.

main-website/components/ProfileDropdown.tsx

@@ -16,8 +16,7 @@ export default function ProfileDropdown() {
     }, [])
 
     const handleLogout = async () => {
-        await fetch('/logout', { method: 'POST' })
-        router.push('/')
+        window.location.href = '/logout'
     }
 
     const name = profile.email || profile.user || 'Loading...'

nginx.conf

@@ -40,6 +40,8 @@ http {
 
     # Full logout: clears local session and redirects to Keycloak logout
     location = /logout {
+      limit_except GET POST { deny all; }  # allow both GET and POST
+
       access_by_lua_block {
         local session = require("resty.session").start()
         session:destroy()