implement logout

app/main.py

@@ -1,5 +1,5 @@
 import os
-from flask import Flask, render_template, request, redirect, abort
+from flask import Flask, render_template, request, redirect, abort, url_for, session
 import requests
 from datetime import datetime
 
@@ -24,6 +24,10 @@ def home():
     if is_logged_in():
         resp_json = requests.get(f'{database_url}/token/latest').json()
         access_token = resp_json['token']['access_token']
+
+        # set session token id
+        session['token_id'] = resp_json['token']['id']
+
         user_info = requests.get('https://api.github.com/user', headers={
             'Authorization': f'Bearer {access_token}'
         }).json()
@@ -87,7 +91,27 @@ def oauth_redirect():
     # Save tokens for later use
     save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in'])
 
-    return redirect('/')
+    return redirect(url_for('home'))
+
+# logout
+@app.route('/logout')
+def logout():
+    token_id = session.get('token_id')
+
+    if not token_id:
+        return redirect(url_for('home'))
+    
+    # remove token_id from session
+    session.pop('token_id', None)
+
+    response = requests.put(f'{database_url}/token/{token_id}', headers={
+        'Content-Type': 'application/json'
+    }, json={
+        'is_logged_in': False
+    })
+    response.raise_for_status()
+
+    return redirect(url_for('home'))
 
 def is_logged_in():
     response = requests.get(f'{database_url}/token/latest')
@@ -96,7 +120,7 @@ def is_logged_in():
         return False
     elif response.status_code == 200:
         resp_json = response.json()
-        return resp_json['token']['expiration_seconds'] + resp_json['token']['timestamp'] > datetime.now().timestamp()
+        return resp_json['token']['is_logged_in'] or False
     return False
 
 def save_tokens(access_token, refresh_token, expiration_seconds):

app/templates/success.html

@@ -7,5 +7,9 @@
 </head>
 <body>
     <h1>Logged In as {{ user_info.login }}({{user_info.name}})</h1>
+    <!-- Logout -->
+    <form action="/logout" method="POST">
+        <input type="submit" value="Logout">
+    </form>
 </body>
 </html>

database/main.py

@@ -12,6 +12,7 @@ class Token(db.Model):
     access_token = db.Column(db.String(255), nullable=False)
     refresh_token = db.Column(db.String(255), nullable=False)
     expiration_seconds = db.Column(db.Integer, nullable=False)
+    is_logged_in = db.Column(db.Boolean, default=True)
     timestamp = db.Column(db.DateTime, default=datetime.utcnow)
 
     def __repr__(self):
@@ -45,6 +46,7 @@ def get_latest_token():
     
     if latest_token:
         token_info = {
+            'id': latest_token.id,
             'access_token': latest_token.access_token,
             'refresh_token': latest_token.refresh_token,
             'expiration_seconds': latest_token.expiration_seconds,
@@ -54,5 +56,17 @@ def get_latest_token():
     else:
         return '', 204
 
+# API to update the token based on the id
+@app.route('/token/<id>', methods=['PUT'])
+def update_token(id):
+    token = Token.query.get_or_404(id)
+    data = request.get_json()
+    token.access_token = data.get('access_token') or token.access_token
+    token.refresh_token = data.get('refresh_token') or token.refresh_token
+    token.expiration_seconds = data.get('expiration_seconds') or token.expiration_seconds
+    token.is_logged_in = data.get('is_logged_in')
+    db.session.commit()
+    return '', 204
+
 if __name__ == '__main__':
     app.run(host='0.0.0.0', port=5000, debug=True)