Update code in endpoints/logout.post.py

2025-03-21 09:50:30 +01:00 · 2025-03-21 09:50:30 +01:00 · 25d293ce15
commit 25d293ce15
parent 459efdc891
1 changed files with 35 additions and 17 deletions
--- a/endpoints/logout.post.py
+++ b/endpoints/logout.post.py
@ -1,27 +1,45 @@
 from fastapi import APIRouter, Depends, HTTPException
 from core.database import fake_users_db
-import uuid
+from fastapi.responses import JSONResponse
+from core.auth import authenticate_user, create_access_token, create_refresh_token
+from datetime import timedelta

 router = APIRouter()

-@router.post("/logout")
-async def logout_handler(
+@router.post("/login")
+async def login_handler(
    username: str,
-    db: Session = Depends(get_db),
-    token: str = Depends(oauth2_scheme)
+    password: str,
+    response: JSONResponse
 ):
-    """Demo logout endpoint"""
+    """Demo login endpoint"""
    user = fake_users_db.get(username)
-    if not user:
-        raise HTTPException(status_code=404, detail="User not found")
+    if not user or user["password"] != password:
+        raise HTTPException(status_code=400, detail="Invalid credentials")
    
-    # Invalidate token or clear session data
+    access_token = create_access_token(user["id"])
+    refresh_token = create_refresh_token(user["id"])
    
-    return {
-        "message": "Logout successful",
-        "username": username,
-        "next_steps": [
-            "Session cleared",
-            "Access revoked"
-        ]
-    }
+    response.set_cookie(
+        key="access_token",
+        value=access_token,
+        httponly=True,
+        max_age=1800,
+        expires=1800
+    )
+    response.set_cookie(
+        key="refresh_token",
+        value=refresh_token,
+        httponly=True,
+        max_age=604800,
+        expires=604800
+    )
+    response.set_cookie(
+        key="session_id",
+        value=user["id"],
+        httponly=True,
+        max_age=604800,
+        expires=604800
+    )
+    
+    return {"message": "Login successful"}