pikram/user-microservice
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added revoking token during logout

Browse Source
This commit is contained in:
Marcin-Ramotowski
2025-03-29 20:57:01 +00:00
parent 99dd5148b1
commit 8637eaa96f
3 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
api/views.py
View File

@ -1,6 +1,7 @@
from flask import Blueprint, jsonify, request, abort
from flask_jwt_extended import create_access_token, set_access_cookies, jwt_required, verify_jwt_in_request, get_jwt_identity, unset_jwt_cookies
from models import User, db
from flask_jwt_extended import create_access_token, set_access_cookies, jwt_required, \
verify_jwt_in_request, get_jwt_identity, unset_jwt_cookies, get_jwt
from models import db, RevokedToken, User
from utils import admin_required, validate_access
from werkzeug.security import check_password_hash, generate_password_hash
@ -102,6 +103,10 @@ def user_login():
@user_bp.route('/logout', methods=['GET'])
@jwt_required()
def user_logout():
jti = get_jwt()["jti"]
revoked_token = RevokedToken(jti=jti)
db.session.add(revoked_token)
db.session.commit()
response = jsonify({"msg": "User logged out successfully."})
unset_jwt_cookies(response)
return response