diff options
Diffstat (limited to 'uploader/oauth2')
| -rw-r--r-- | uploader/oauth2/views.py | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/uploader/oauth2/views.py b/uploader/oauth2/views.py index 26c009b..d196e22 100644 --- a/uploader/oauth2/views.py +++ b/uploader/oauth2/views.py @@ -17,7 +17,13 @@ from uploader import session from uploader import monadic_requests as mrequests from . import jwks -from .client import SCOPE, oauth2_get, oauth2_clientid, authserver_uri +from .client import ( + SCOPE, + oauth2_get, + user_logged_in, + authserver_uri, + oauth2_clientid, + oauth2_clientsecret) oauth2 = Blueprint("oauth2", __name__) @@ -100,3 +106,32 @@ def public_jwks(): in jwks.list_jwks(jwks.jwks_directory( app, "UPLOADER_SECRETS"))) }) + + +@oauth2.route("/logout", methods=["GET"]) +def logout(): + """Log out of any active sessions.""" + def __unset_session__(session_info): + _user = session_info["user"] + _user_str = f"{_user['name']} ({_user['email']})" + session.clear_session_info() + flash("Successfully logged out.", "alert-success") + return redirect("/") + + def __handle_failure__(_failure): + app.logger.debug("There was a failure logging out of the system", + exc_info=True, stack_info=True) + __unset_session__(session.session_info()) + return redirect("/") + + if user_logged_in(): + return session.user_token().then( + lambda _tok: mrequests.post( + urljoin(authserver_uri(), "auth/revoke"), + json={ + "token": _tok, + "client_id": oauth2_clientid(), + "client_secret": oauth2_clientsecret() + })).either( + __handle_failure__, + lambda res: __unset_session__(session.session_info())) |