Update code in endpoints/logout.post.py
This commit is contained in:
parent
39e6a88b4e
commit
a1752eca21
@ -5,34 +5,21 @@ router = APIRouter()
|
|||||||
|
|
||||||
@router.post("/logout")
|
@router.post("/logout")
|
||||||
async def logout_handler(
|
async def logout_handler(
|
||||||
token: str = Depends(oauth2_scheme),
|
user_id: str = Depends(get_current_user_id)
|
||||||
db: Session = Depends(get_db)
|
|
||||||
):
|
):
|
||||||
"""Demo logout endpoint"""
|
"""Demo logout endpoint"""
|
||||||
user = get_user_from_token(token, db)
|
if user_id not in fake_users_db:
|
||||||
if not user:
|
raise HTTPException(status_code=404, detail="User not found")
|
||||||
raise HTTPException(status_code=401, detail="Invalid authentication credentials")
|
|
||||||
|
# Clear access token, refresh token and session
|
||||||
# Clear access token
|
fake_users_db[user_id]["access_token"] = None
|
||||||
access_tokens_db.pop(token, None)
|
fake_users_db[user_id]["refresh_token"] = None
|
||||||
|
fake_users_db[user_id]["session"] = None
|
||||||
# Clear refresh token
|
|
||||||
refresh_token = user.refresh_token
|
|
||||||
if refresh_token:
|
|
||||||
refresh_tokens_db.pop(refresh_token, None)
|
|
||||||
user.refresh_token = None
|
|
||||||
|
|
||||||
# Clear session data
|
|
||||||
session_id = user.session_id
|
|
||||||
if session_id:
|
|
||||||
sessions_db.pop(session_id, None)
|
|
||||||
user.session_id = None
|
|
||||||
|
|
||||||
db.commit()
|
|
||||||
|
|
||||||
return {
|
return {
|
||||||
"message": "Logout successful",
|
"message": "Logout successful",
|
||||||
"next_steps": [
|
"next_steps": [
|
||||||
|
"Clear client-side session data",
|
||||||
"Redirect to login page"
|
"Redirect to login page"
|
||||||
]
|
]
|
||||||
}
|
}
|
Loading…
x
Reference in New Issue
Block a user