implement logout
This commit is contained in:
parent
16c94fcaa6
commit
d0c888d6c4
30
app/main.py
30
app/main.py
|
@ -1,5 +1,5 @@
|
|||
import os
|
||||
from flask import Flask, render_template, request, redirect, abort
|
||||
from flask import Flask, render_template, request, redirect, abort, url_for, session
|
||||
import requests
|
||||
from datetime import datetime
|
||||
|
||||
|
@ -24,6 +24,10 @@ def home():
|
|||
if is_logged_in():
|
||||
resp_json = requests.get(f'{database_url}/token/latest').json()
|
||||
access_token = resp_json['token']['access_token']
|
||||
|
||||
# set session token id
|
||||
session['token_id'] = resp_json['token']['id']
|
||||
|
||||
user_info = requests.get('https://api.github.com/user', headers={
|
||||
'Authorization': f'Bearer {access_token}'
|
||||
}).json()
|
||||
|
@ -87,7 +91,27 @@ def oauth_redirect():
|
|||
# Save tokens for later use
|
||||
save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in'])
|
||||
|
||||
return redirect('/')
|
||||
return redirect(url_for('home'))
|
||||
|
||||
# logout
|
||||
@app.route('/logout')
|
||||
def logout():
|
||||
token_id = session.get('token_id')
|
||||
|
||||
if not token_id:
|
||||
return redirect(url_for('home'))
|
||||
|
||||
# remove token_id from session
|
||||
session.pop('token_id', None)
|
||||
|
||||
response = requests.put(f'{database_url}/token/{token_id}', headers={
|
||||
'Content-Type': 'application/json'
|
||||
}, json={
|
||||
'is_logged_in': False
|
||||
})
|
||||
response.raise_for_status()
|
||||
|
||||
return redirect(url_for('home'))
|
||||
|
||||
def is_logged_in():
|
||||
response = requests.get(f'{database_url}/token/latest')
|
||||
|
@ -96,7 +120,7 @@ def is_logged_in():
|
|||
return False
|
||||
elif response.status_code == 200:
|
||||
resp_json = response.json()
|
||||
return resp_json['token']['expiration_seconds'] + resp_json['token']['timestamp'] > datetime.now().timestamp()
|
||||
return resp_json['token']['is_logged_in'] or False
|
||||
return False
|
||||
|
||||
def save_tokens(access_token, refresh_token, expiration_seconds):
|
||||
|
|
|
@ -7,5 +7,9 @@
|
|||
</head>
|
||||
<body>
|
||||
<h1>Logged In as {{ user_info.login }}({{user_info.name}})</h1>
|
||||
<!-- Logout -->
|
||||
<form action="/logout" method="POST">
|
||||
<input type="submit" value="Logout">
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -12,6 +12,7 @@ class Token(db.Model):
|
|||
access_token = db.Column(db.String(255), nullable=False)
|
||||
refresh_token = db.Column(db.String(255), nullable=False)
|
||||
expiration_seconds = db.Column(db.Integer, nullable=False)
|
||||
is_logged_in = db.Column(db.Boolean, default=True)
|
||||
timestamp = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
|
||||
def __repr__(self):
|
||||
|
@ -45,6 +46,7 @@ def get_latest_token():
|
|||
|
||||
if latest_token:
|
||||
token_info = {
|
||||
'id': latest_token.id,
|
||||
'access_token': latest_token.access_token,
|
||||
'refresh_token': latest_token.refresh_token,
|
||||
'expiration_seconds': latest_token.expiration_seconds,
|
||||
|
@ -54,5 +56,17 @@ def get_latest_token():
|
|||
else:
|
||||
return '', 204
|
||||
|
||||
# API to update the token based on the id
|
||||
@app.route('/token/<id>', methods=['PUT'])
|
||||
def update_token(id):
|
||||
token = Token.query.get_or_404(id)
|
||||
data = request.get_json()
|
||||
token.access_token = data.get('access_token') or token.access_token
|
||||
token.refresh_token = data.get('refresh_token') or token.refresh_token
|
||||
token.expiration_seconds = data.get('expiration_seconds') or token.expiration_seconds
|
||||
token.is_logged_in = data.get('is_logged_in')
|
||||
db.session.commit()
|
||||
return '', 204
|
||||
|
||||
if __name__ == '__main__':
|
||||
app.run(host='0.0.0.0', port=5000, debug=True)
|
||||
|
|
Loading…
Reference in New Issue
Block a user