From d0c888d6c451a790521a8274181830316fbd827c Mon Sep 17 00:00:00 2001 From: Swapnil Date: Tue, 30 Jan 2024 11:32:03 +0530 Subject: [PATCH] implement logout --- app/main.py | 30 +++++++++++++++++++++++++++--- app/templates/success.html | 4 ++++ database/main.py | 14 ++++++++++++++ 3 files changed, 45 insertions(+), 3 deletions(-) diff --git a/app/main.py b/app/main.py index b552e2b..ee974f3 100644 --- a/app/main.py +++ b/app/main.py @@ -1,5 +1,5 @@ import os -from flask import Flask, render_template, request, redirect, abort +from flask import Flask, render_template, request, redirect, abort, url_for, session import requests from datetime import datetime @@ -24,6 +24,10 @@ def home(): if is_logged_in(): resp_json = requests.get(f'{database_url}/token/latest').json() access_token = resp_json['token']['access_token'] + + # set session token id + session['token_id'] = resp_json['token']['id'] + user_info = requests.get('https://api.github.com/user', headers={ 'Authorization': f'Bearer {access_token}' }).json() @@ -87,7 +91,27 @@ def oauth_redirect(): # Save tokens for later use save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in']) - return redirect('/') + return redirect(url_for('home')) + +# logout +@app.route('/logout') +def logout(): + token_id = session.get('token_id') + + if not token_id: + return redirect(url_for('home')) + + # remove token_id from session + session.pop('token_id', None) + + response = requests.put(f'{database_url}/token/{token_id}', headers={ + 'Content-Type': 'application/json' + }, json={ + 'is_logged_in': False + }) + response.raise_for_status() + + return redirect(url_for('home')) def is_logged_in(): response = requests.get(f'{database_url}/token/latest') 
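Review bot: In home(), `session['token_id']` is filled from `/token/latest`, which is a single global record rather than something tied to the browser that completed the OAuth flow, so any visitor who loads the page while a token is flagged as logged in receives that token's id in their own session and can then end that login through /logout. Binding the id where the login actually happens would scope it to the right browser, e.g. setting `session['token_id']` in oauth_redirect() from the id that save_tokens() gets back (save_tokens' body is outside the hunk, so whether it returns the id is an assumption to confirm). Writing to `session` also requires `app.secret_key`; no such assignment is visible in this diff, so confirm it is set and loaded from a secret kept outside the repository. home() continues past the end of this hunk.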
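Review bot: logout() is registered with `@app.route('/logout')`, so it answers GET, and a state-changing GET can be triggered by any third-party page that embeds the URL, which forces a logout; `@app.route('/logout', methods=['POST'])` with the template submitting a form avoids that, ideally together with a CSRF token if the app has a mechanism for one. The `requests.put(...)` call has no `timeout=`, so a stalled database service blocks the worker indefinitely; passing e.g. `timeout=5` bounds it. `response.raise_for_status()` turns any database-side error into an unhandled 500 after the session key has already been popped, so catching `requests.RequestException` and logging it before the redirect would leave the user in a clearer state.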
@@ -96,7 +120,7 @@ def is_logged_in(): return False elif response.status_code == 200: resp_json = response.json() - return resp_json['token']['expiration_seconds'] + resp_json['token']['timestamp'] > datetime.now().timestamp() + return resp_json['token']['is_logged_in'] or False return False def save_tokens(access_token, refresh_token, expiration_seconds): diff --git a/app/templates/success.html b/app/templates/success.html index 16207a4..63b06d5 100644 --- a/app/templates/success.html +++ b/app/templates/success.html @@ -7,5 +7,9 @@
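Review bot: The new return in is_logged_in() drops the expiry comparison, so a token whose `expiration_seconds` has elapsed still counts as logged in while the flag is true, and home() will then send an expired `access_token` to GitHub. Keeping both conditions preserves the old guarantee: `tok = resp_json['token']` followed by `return bool(tok.get('is_logged_in')) and tok['expiration_seconds'] + tok['timestamp'] > datetime.now().timestamp()`. The `.get` matters because the visible part of get_latest_token() in database/main.py adds only `'id'` to `token_info`; if `'is_logged_in'` is not included further down (outside that hunk), the plain indexing raises KeyError on every request. is_logged_in() starts before this hunk.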

Logged In as {{ user_info.login }}({{user_info.name}})

+ +
+ +
diff --git a/database/main.py b/database/main.py index c4cf177..c46d5b9 100644 --- a/database/main.py +++ b/database/main.py @@ -12,6 +12,7 @@ class Token(db.Model): access_token = db.Column(db.String(255), nullable=False) refresh_token = db.Column(db.String(255), nullable=False) expiration_seconds = db.Column(db.Integer, nullable=False) + is_logged_in = db.Column(db.Boolean, default=True) timestamp = db.Column(db.DateTime, default=datetime.utcnow) def __repr__(self): @@ -45,6 +46,7 @@ def get_latest_token(): if latest_token: token_info = { + 'id': latest_token.id, 'access_token': latest_token.access_token, 'refresh_token': latest_token.refresh_token, 'expiration_seconds': latest_token.expiration_seconds, @@ -54,5 +56,17 @@ def get_latest_token(): else: return '', 204 +# API to update the token based on the id +@app.route('/token/', methods=['PUT']) +def update_token(id): + token = Token.query.get_or_404(id) + data = request.get_json() + token.access_token = data.get('access_token') or token.access_token + token.refresh_token = data.get('refresh_token') or token.refresh_token + token.expiration_seconds = data.get('expiration_seconds') or token.expiration_seconds + token.is_logged_in = data.get('is_logged_in') + db.session.commit() + return '', 204 + if __name__ == '__main__': app.run(host='0.0.0.0', port=5000, debug=True)
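Review bot: update_token() assigns `token.is_logged_in = data.get('is_logged_in')` unconditionally, so a PUT that only refreshes `access_token` writes NULL into the flag and silently logs the user out, and a value of any JSON type is stored unchecked; the fence below touches the flag only when the key is present and rejects non-boolean values. `request.get_json()` can also yield a non-dict body, in which case `data.get` fails with a 500 instead of a 400. Nothing in the hunk authenticates the caller, and the trailing context line shows the service listening on `0.0.0.0` with `debug=True`, so anyone who can reach port 5000 can overwrite the stored OAuth tokens; a shared secret checked before the update, and binding to an internal interface with debug off, would limit that. The route is shown as `'/token/'` while the function takes `id`; presumably the `<id>` part was lost when the page was rendered, but confirm it is present and typed as `<int:id>`.

```python
def update_token(id):
    # … unchanged: Token.query.get_or_404(id) …
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return '', 400
    # … unchanged: access_token / refresh_token / expiration_seconds updates …
    if 'is_logged_in' in data:
        if not isinstance(data['is_logged_in'], bool):
            return '', 400
        token.is_logged_in = data['is_logged_in']
    # … unchanged: db.session.commit() and the 204 response …
```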