Now revoked tokens are saved to database

api/app.py

@@ -1,9 +1,8 @@
-from datetime import timedelta
 from dotenv import load_dotenv
 from flask import Flask, jsonify
 from flask_jwt_extended import JWTManager
 from jwt import ExpiredSignatureError
-from models import db, revoked_tokens
+from models import db, RevokedToken
 import os
 from task_views import task_bp
 from user_views import user_bp, init_db
@@ -36,7 +35,8 @@ def create_app(config_name="default"):
     # Function to check if JWT token is revoked
     @jwt.token_in_blocklist_loader
     def check_if_token_revoked(jwt_header, jwt_payload):
-        return jwt_payload["jti"] in revoked_tokens
+        token = RevokedToken.query.get(jwt_payload["jti"])
+        return token is not None
 
     # Global error handler
     @app.errorhandler(Exception)

api/models.py

@@ -1,7 +1,6 @@
 from flask_sqlalchemy import SQLAlchemy
 
 db = SQLAlchemy()
-revoked_tokens = set()
 
 class User(db.Model):
     id = db.Column(db.Integer, primary_key=True, autoincrement=True)
@@ -37,3 +36,6 @@ class Task(db.Model):
     @staticmethod
     def get_editable_fields():
         return {"title", "description", "due_date", "done"}
+
+class RevokedToken(db.Model):
+    jti = db.Column(db.String(100), primary_key=True)

api/user_views.py

@@ -1,7 +1,7 @@
 from flask import Blueprint, jsonify, request, abort
 from flask_jwt_extended import create_access_token, set_access_cookies, jwt_required, \
 verify_jwt_in_request, get_jwt_identity, unset_jwt_cookies, get_jwt
-from models import User, db, revoked_tokens
+from models import User, db, RevokedToken
 import os
 from werkzeug.security import check_password_hash, generate_password_hash
 
@@ -104,7 +104,9 @@ def user_login():
 @jwt_required()
 def user_logout():
     jti = get_jwt()["jti"]
-    revoked_tokens.add(jti)
+    revoked_token = RevokedToken(jti=jti)
+    db.session.add(revoked_token)
+    db.session.commit()
     response = jsonify({"msg": "User logged out successfully."})
     unset_jwt_cookies(response)
     return response