Update code in endpoints/logout.post.py
This commit is contained in:
parent
b291f49d2d
commit
204c4f4845
@ -5,25 +5,30 @@ router = APIRouter()
|
|||||||
|
|
||||||
@router.post("/logout")
|
@router.post("/logout")
|
||||||
async def logout_handler(
|
async def logout_handler(
|
||||||
session_id: str,
|
username: str,
|
||||||
access_token: str = Depends(...),
|
db: Session = Depends(get_db),
|
||||||
refresh_token: str = Depends(...),
|
token: str = Depends(oauth2_scheme)
|
||||||
db: Session = Depends(get_db)
|
|
||||||
):
|
):
|
||||||
"""Demo logout endpoint"""
|
"""Demo logout endpoint"""
|
||||||
user = fake_users_db.get(session_id)
|
user = fake_users_db.get(username)
|
||||||
if not user:
|
if not user:
|
||||||
raise HTTPException(status_code=400, detail="Invalid session")
|
raise HTTPException(status_code=404, detail="User not found")
|
||||||
|
|
||||||
|
# Clear access token
|
||||||
|
access_tokens = user.get("access_tokens", [])
|
||||||
|
access_tokens = [t for t in access_tokens if t != token]
|
||||||
|
user["access_tokens"] = access_tokens
|
||||||
|
|
||||||
|
# Clear refresh token
|
||||||
|
user["refresh_token"] = None
|
||||||
|
|
||||||
# Clear session data
|
# Clear session data
|
||||||
user["session_id"] = None
|
user["session"] = {}
|
||||||
user["access_token"] = None
|
|
||||||
user["refresh_token"] = None
|
return {
|
||||||
|
"message": "Logout successful",
|
||||||
# Clear cookies
|
"user": username,
|
||||||
response = JSONResponse(content={"message": "Logout successful"})
|
"next_steps": [
|
||||||
response.delete_cookie("access_token")
|
"Redirect to login page"
|
||||||
response.delete_cookie("refresh_token")
|
]
|
||||||
response.delete_cookie("session_id")
|
}
|
||||||
|
|
||||||
return response
|
|
Loading…
x
Reference in New Issue
Block a user