Update code in endpoints/logout.post.py

2025-03-21 09:13:10 +01:00 · 2025-03-21 09:13:10 +01:00 · 204c4f4845
commit 204c4f4845
parent b291f49d2d
1 changed files with 22 additions and 17 deletions
--- a/endpoints/logout.post.py
+++ b/endpoints/logout.post.py
@ -5,25 +5,30 @@ router = APIRouter()

@router.post("/logout")
 async def logout_handler(
-    session_id: str,
-    access_token: str = Depends(...),
-    refresh_token: str = Depends(...),
-    db: Session = Depends(get_db)
+    username: str,
+    db: Session = Depends(get_db),
+    token: str = Depends(oauth2_scheme)
 ):
    """Demo logout endpoint"""
-    user = fake_users_db.get(session_id)
+    user = fake_users_db.get(username)
    if not user:
-        raise HTTPException(status_code=400, detail="Invalid session")
+        raise HTTPException(status_code=404, detail="User not found")
+    
+    # Clear access token
+    access_tokens = user.get("access_tokens", [])
+    access_tokens = [t for t in access_tokens if t != token]
+    user["access_tokens"] = access_tokens
+    
+    # Clear refresh token
+    user["refresh_token"] = None
    
    # Clear session data
-    user["session_id"] = None
-    user["access_token"] = None 
-    user["refresh_token"] = None
-
-    # Clear cookies
-    response = JSONResponse(content={"message": "Logout successful"})
-    response.delete_cookie("access_token")
-    response.delete_cookie("refresh_token")
-    response.delete_cookie("session_id")
-
-    return response
+    user["session"] = {}
+    
+    return {
+        "message": "Logout successful",
+        "user": username,
+        "next_steps": [
+            "Redirect to login page"
+        ]
+    }