Diffstat (limited to 'uploader/oauth2')
-rw-r--r--uploader/oauth2/views.py37
1 files changed, 36 insertions, 1 deletions
diff --git a/uploader/oauth2/views.py b/uploader/oauth2/views.py
index 26c009b..d196e22 100644
--- a/uploader/oauth2/views.py
+++ b/uploader/oauth2/views.py
@@ -17,7 +17,13 @@ from uploader import session
from uploader import monadic_requests as mrequests
from . import jwks
-from .client import SCOPE, oauth2_get, oauth2_clientid, authserver_uri
+from .client import (
+ SCOPE,
+ oauth2_get,
+ user_logged_in,
+ authserver_uri,
+ oauth2_clientid,
+ oauth2_clientsecret)
oauth2 = Blueprint("oauth2", __name__)
@@ -100,3 +106,32 @@ def public_jwks():
in jwks.list_jwks(jwks.jwks_directory(
app, "UPLOADER_SECRETS")))
})
+
+
+@oauth2.route("/logout", methods=["GET"])
+def logout():
+ """Log out of any active sessions."""
+ def __unset_session__(session_info):
+ _user = session_info["user"]
+ _user_str = f"{_user['name']} ({_user['email']})"
+ session.clear_session_info()
+ flash("Successfully logged out.", "alert-success")
+ return redirect("/")
+
+ def __handle_failure__(_failure):
+ app.logger.debug("There was a failure logging out of the system",
+ exc_info=True, stack_info=True)
+ __unset_session__(session.session_info())
+ return redirect("/")
+
+ if user_logged_in():
+ return session.user_token().then(
+ lambda _tok: mrequests.post(
+ urljoin(authserver_uri(), "auth/revoke"),
+ json={
+ "token": _tok,
+ "client_id": oauth2_clientid(),
+ "client_secret": oauth2_clientsecret()
+ })).either(
+ __handle_failure__,
+ lambda res: __unset_session__(session.session_info()))
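Review bot: `logout()` returns nothing when `user_logged_in()` is false, so an anonymous or already-expired visitor requesting `/logout` gets a `None` response, which Flask turns into a 500; add a final `return redirect("/")` after the `if`. In `__handle_failure__` the revocation failure is dropped: `_failure` is never logged, `exc_info=True` probably has no active exception to report there, and the message is only at debug level. `__unset_session__` then still flashes "Successfully logged out." although the token may remain valid at the auth server; log it with something like `app.logger.warning("Token revocation failed: %s", _failure)` and flash a different message on that path. The route also changes state on GET, so a cross-site link or image tag can log a user out; `methods=["POST"]` behind the app's CSRF protection would be safer. `_user_str` is assigned but never used, and the `session_info["user"]` lookup that feeds it can raise before the session is cleared.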