implement logout
parent
16c94fcaa6
commit
d0c888d6c4
30
app/main.py
30
app/main.py
|
@ -1,5 +1,5 @@
|
||||||
import os
|
import os
|
||||||
from flask import Flask, render_template, request, redirect, abort
|
from flask import Flask, render_template, request, redirect, abort, url_for, session
|
||||||
import requests
|
import requests
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
|
||||||
|
@ -24,6 +24,10 @@ def home():
|
||||||
if is_logged_in():
|
if is_logged_in():
|
||||||
resp_json = requests.get(f'{database_url}/token/latest').json()
|
resp_json = requests.get(f'{database_url}/token/latest').json()
|
||||||
access_token = resp_json['token']['access_token']
|
access_token = resp_json['token']['access_token']
|
||||||
|
|
||||||
|
# set session token id
|
||||||
|
session['token_id'] = resp_json['token']['id']
|
||||||
|
|
||||||
user_info = requests.get('https://api.github.com/user', headers={
|
user_info = requests.get('https://api.github.com/user', headers={
|
||||||
'Authorization': f'Bearer {access_token}'
|
'Authorization': f'Bearer {access_token}'
|
||||||
}).json()
|
}).json()
|
||||||
|
@ -87,7 +91,27 @@ def oauth_redirect():
|
||||||
# Save tokens for later use
|
# Save tokens for later use
|
||||||
save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in'])
|
save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in'])
|
||||||
|
|
||||||
return redirect('/')
|
return redirect(url_for('home'))
|
||||||
|
|
||||||
|
# logout
|
||||||
|
@app.route('/logout')
|
||||||
|
def logout():
|
||||||
|
token_id = session.get('token_id')
|
||||||
|
|
||||||
|
if not token_id:
|
||||||
|
return redirect(url_for('home'))
|
||||||
|
|
||||||
|
# remove token_id from session
|
||||||
|
session.pop('token_id', None)
|
||||||
|
|
||||||
|
response = requests.put(f'{database_url}/token/{token_id}', headers={
|
||||||
|
'Content-Type': 'application/json'
|
||||||
|
}, json={
|
||||||
|
'is_logged_in': False
|
||||||
|
})
|
||||||
|
response.raise_for_status()
|
||||||
|
|
||||||
|
return redirect(url_for('home'))
|
||||||
|
|
||||||
def is_logged_in():
|
def is_logged_in():
|
||||||
response = requests.get(f'{database_url}/token/latest')
|
response = requests.get(f'{database_url}/token/latest')
|
||||||
|
@ -96,7 +120,7 @@ def is_logged_in():
|
||||||
return False
|
return False
|
||||||
elif response.status_code == 200:
|
elif response.status_code == 200:
|
||||||
resp_json = response.json()
|
resp_json = response.json()
|
||||||
return resp_json['token']['expiration_seconds'] + resp_json['token']['timestamp'] > datetime.now().timestamp()
|
return resp_json['token']['is_logged_in'] or False
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def save_tokens(access_token, refresh_token, expiration_seconds):
|
def save_tokens(access_token, refresh_token, expiration_seconds):
|
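Review bot: The new `/logout` route is declared without `methods`, so Flask routes only GET to it, while the logout form this commit adds to the template submits `method="POST"` and would receive a 405; a state-changing logout is also better kept off GET, so `@app.route('/logout', methods=['POST'])` fits both. In the last hunk `is_logged_in()` now returns only the stored `is_logged_in` flag and no longer compares `expiration_seconds + timestamp` with the current time, so an expired token appears to still count as logged in; keeping that comparison and `and`-ing it with the flag would preserve the old guarantee. `home()` copies the id of the latest stored token into the session of whichever visitor loads the page, and `is_logged_in()` consults no session value, so the login state looks global rather than bound to the browser that completed the OAuth flow; `session['token_id']` would be better set in `oauth_redirect()` and checked in `is_logged_in()`. In `logout()` the `requests.put(...)` has no `timeout=`, and `raise_for_status()` turns a database-service failure into a 500 after `token_id` has already been popped. `session` also requires `app.secret_key` to be configured, which is not visible in these hunks.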
||||||
|
|
|
@ -7,5 +7,9 @@
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<h1>Logged In as {{ user_info.login }}({{user_info.name}})</h1>
|
<h1>Logged In as {{ user_info.login }}({{user_info.name}})</h1>
|
||||||
|
<!-- Logout -->
|
||||||
|
<form action="/logout" method="POST">
|
||||||
|
<input type="submit" value="Logout">
|
||||||
|
</form>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
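Review bot: The logout form carries no CSRF token, so a third-party page can submit it on the user's behalf and end their session; if the app uses a CSRF extension, its hidden token field belongs inside this `<form>`. The action is hard-coded as `/logout` while the Python side of this commit moves to `url_for`; `action="{{ url_for('logout') }}"` keeps the two in step.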
||||||
|
|
|
@ -12,6 +12,7 @@ class Token(db.Model):
|
||||||
access_token = db.Column(db.String(255), nullable=False)
|
access_token = db.Column(db.String(255), nullable=False)
|
||||||
refresh_token = db.Column(db.String(255), nullable=False)
|
refresh_token = db.Column(db.String(255), nullable=False)
|
||||||
expiration_seconds = db.Column(db.Integer, nullable=False)
|
expiration_seconds = db.Column(db.Integer, nullable=False)
|
||||||
|
is_logged_in = db.Column(db.Boolean, default=True)
|
||||||
timestamp = db.Column(db.DateTime, default=datetime.utcnow)
|
timestamp = db.Column(db.DateTime, default=datetime.utcnow)
|
||||||
|
|
||||||
def __repr__(self):
|
def __repr__(self):
|
||||||
|
@ -45,6 +46,7 @@ def get_latest_token():
|
||||||
|
|
||||||
if latest_token:
|
if latest_token:
|
||||||
token_info = {
|
token_info = {
|
||||||
|
'id': latest_token.id,
|
||||||
'access_token': latest_token.access_token,
|
'access_token': latest_token.access_token,
|
||||||
'refresh_token': latest_token.refresh_token,
|
'refresh_token': latest_token.refresh_token,
|
||||||
'expiration_seconds': latest_token.expiration_seconds,
|
'expiration_seconds': latest_token.expiration_seconds,
|
||||||
|
@ -54,5 +56,17 @@ def get_latest_token():
|
||||||
else:
|
else:
|
||||||
return '', 204
|
return '', 204
|
||||||
|
|
||||||
|
# API to update the token based on the id
|
||||||
|
@app.route('/token/<id>', methods=['PUT'])
|
||||||
|
def update_token(id):
|
||||||
|
token = Token.query.get_or_404(id)
|
||||||
|
data = request.get_json()
|
||||||
|
token.access_token = data.get('access_token') or token.access_token
|
||||||
|
token.refresh_token = data.get('refresh_token') or token.refresh_token
|
||||||
|
token.expiration_seconds = data.get('expiration_seconds') or token.expiration_seconds
|
||||||
|
token.is_logged_in = data.get('is_logged_in')
|
||||||
|
db.session.commit()
|
||||||
|
return '', 204
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
app.run(host='0.0.0.0', port=5000, debug=True)
|
app.run(host='0.0.0.0', port=5000, debug=True)
|
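Review bot: `update_token` accepts a PUT from any caller and can overwrite `access_token`, `refresh_token` and `is_logged_in` on any row by id, with no authentication visible in this hunk; since the context lines show the service started with `host='0.0.0.0'` and `debug=True`, the endpoint should require a service credential or be bound to an internal interface only. `token.is_logged_in = data.get('is_logged_in')` stores `None` when the key is omitted, unlike the three fields above it that fall back to the current value; `if 'is_logged_in' in data: token.is_logged_in = bool(data['is_logged_in'])` stops a partial update from silently logging the user out. `request.get_json()` can return `None` (for example for a JSON `null` body), in which case `data.get` raises and the caller sees a 500; validating that `data` is a dict and answering 400 otherwise is safer. Declaring the route as `/token/<int:id>` would reject non-numeric ids before the query runs.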
||||||
|
|