Added basic login and logout functionality

- update SecurityConfiguration
  - add logout
  - add login
- add AuthenticationController
- add goodbye.html
- add logout.html
- add login.html

src/main/kotlin/ltd/hlaeja/configuration/SecurityConfiguration.kt

@@ -2,9 +2,11 @@ package ltd.hlaeja.configuration
 
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
+import org.springframework.http.HttpStatus.FOUND
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.web.server.ServerHttpSecurity
 import org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
+import org.springframework.security.config.web.server.ServerHttpSecurity.FormLoginSpec
 import org.springframework.security.web.server.SecurityWebFilterChain
 
 @Configuration
@@ -14,8 +16,19 @@ class SecurityConfiguration {
     @Bean
     fun securityWebFilterChain(serverHttpSecurity: ServerHttpSecurity): SecurityWebFilterChain = serverHttpSecurity
         .authorizeExchange(::authorizeExchange)
+        .formLogin(::formLogin)
+        .logout(::logout)
         .build()
 
+    private fun logout(logout: ServerHttpSecurity.LogoutSpec) = logout.logoutUrl("/logout")
+        .logoutSuccessHandler { webFilter, _ ->
+            webFilter.exchange.response.headers.add("Location", "/logout")
+            webFilter.exchange.response.statusCode = FOUND
+            webFilter.exchange.response.setComplete()
+        }
+
+    private fun formLogin(login: FormLoginSpec) = login.loginPage("/login")
+
     private fun authorizeExchange(authorizeExchange: AuthorizeExchangeSpec) = authorizeExchange
         .publicPaths().permitAll()
         .anyExchange().authenticated()
@@ -25,5 +38,7 @@ class SecurityConfiguration {
         "/js/**",
         "/img/**",
         "/actuator/**",
+        "/login",
+        "/logout",
     )
 }