def logout(response: Response, token: str = Depends(check_token)):
if token is None:
raise HTTPException(status_code=401, detail="Unauthorised")
app.sessions.pop(token)
response = RedirectResponse("/")
response.delete_cookie("session_token")
return response
async def app(scope, receive, send):
request = Request(scope, receive)
response = Response("Hello, world!", media_type="text/plain")
if request.cookies.get("mycookie"):
response.delete_cookie("mycookie")
else:
response.set_cookie("mycookie", "myvalue")
await response(scope, receive, send)
async def signout_redirect_callback(request: Request, response: Response):
response = RedirectResponse(url="/")
response.delete_cookie(
key=COOKIE_AUTHORIZATION_NAME,
path="/",
domain=COOKIE_DOMAIN,
)
return response
async def _get_current_user_impl(
security_scopes: SecurityScopes,
response: Response,
session_jwt: Optional[str] = Cookie(None),
log_out: Optional[str] = Cookie(None),
raise_on_none: bool = True) -> (Optional[User], int):
if security_scopes.scopes:
authenticate_value = f'Bearer scope="{security_scopes.scope_str}"'
else:
authenticate_value = f"Bearer"
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": authenticate_value},
)
def on_none():
if session_jwt is not None:
response.delete_cookie("session_jwt")
if raise_on_none:
raise credentials_exception
else:
return None, -1
if log_out is not None:
response.delete_cookie("log_out")
return on_none()
if session_jwt is None:
return on_none()
try:
payload = jwt.decode(session_jwt,
SECRET_KEY,
algorithms=[ACCESS_TOKEN_ALGORITHM])
username: str = payload.get("sub")
exp: int = payload.get("exp")
if username is None:
return on_none()
token_scopes = payload.get("scopes", [])
token_data = TokenData(scopes=token_scopes, username=username)
except (DecodeError, ValidationError, InvalidTokenError):
return on_none()
user = queries.get_user(token_data.username)
if user is None:
return on_none()
for scope in security_scopes.scopes:
if scope not in token_data.scopes:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Not enough permissions",
headers={"WWW-Authenticate": authenticate_value},
)
return user, exp
async def asgi(receive, send):
response = Response("has cookie.", media_type="text/plain")
response.set_cookie("cookie-1",
123,
path="/",
domain="localhost",
secure="true")
response.set_cookie("cookie-2", "456", expires=60, httponly=True)
response.set_cookie("cookie-3", "789")
response.delete_cookie("cookie-3")
await response(receive, send)
async def logout(cookie: str,
response: Response,
delete_user: Optional[bool] = False) -> None:
user_id = get_user_id_from_cookie(cookie)
if not user_id:
return
if delete_user:
await _delete_user(user_id)
response.delete_cookie('fastapi_auth')
async def logout(response: Response, session: str = Cookie(None)):
if session is None:
raise HTTPException(404, "cookie not found")
try:
verification = auth.verify_session_cookie(session)
auth.revoke_refresh_tokens(verification["sub"])
except auth.InvalidSessionCookieError:
raise HTTPException(401)
response.delete_cookie("session")
return True
def delete_auth_github(client_id: str,
user_id: str = Cookie(None),
db: Session = Depends(get_db)):
client_secret = os.environ["NPM_DEVS_VISUALIZER_CLIENT_SECRET"]
if user_id is None:
raise HTTPException(status_code=404,
detail="Access token not found in the request")
auth_user = crud.get_user_by_user_id(db, user_id)
if auth_user is None:
raise HTTPException(status_code=404,
detail="Access token not found in the DB")
raw_res = requests.delete(
f"https://api.github.com/applications/{client_id}/tokens/{auth_user.access_token}",
headers={
"User-Agent": "npm devs visualizer",
"Accept": "application/json"
},
auth=(client_id, client_secret),
)
if raw_res.status_code != 204:
res = raw_res.json()
if raw_res.status_code >= 500:
raise HTTPException(status_code=503,
detail="GitHub API Unavailable")
if raw_res.status_code == 404:
raise HTTPException(status_code=404, detail="not found")
if "message" in res:
raise HTTPException(status_code=500,
detail=f"GitHub API: {res['message']}")
if "error" in res:
raise HTTPException(status_code=500,
detail=f"GitHub API: {res['error']}")
raise HTTPException(status_code=500)
crud.delete_user(db=db, user_id=user_id)
response = Response(status_code=204)
response.delete_cookie(key="user_id")
return response
def read_cookie(response: Response, session_id: Optional[str] = Cookie(None)):
response.delete_cookie(key="session_id")
return {"cookie": session_id}
def delete(cls, response: Response):
response.delete_cookie(cls.Meta.name)
async def logout_user(response: Response):
"""Deletes the cookie and allows the user to log in again."""
response.delete_cookie('Authorization', domain=COOKIE_DOMAIN)
def logout(request: Request,
response: Response,
username: str = Depends(get_current_user)):
response.delete_cookie("session")
response.delete_cookie("username")
return {"result": True, "message": 'ok'}
def logout(response: Response):
response.delete_cookie(auth_cookie_name)
def logout(self, response: Response) -> Response:
response.delete_cookie(key="access_token_cookie")
response.delete_cookie(key="refresh_token_cookie")
return response
async def get_logout_response(self, user: BaseUserDB, response: Response) -> Any:
response.delete_cookie(
self.cookie_name, path=self.cookie_path, domain=self.cookie_domain
)
async def logout() -> Response:
response = Response()
response.delete_cookie(key="access_token")
response.delete_cookie(key="refresh_token")
response.delete_cookie(key="username")
return response
async def logout_user(response: Response):
response.delete_cookie('Authorization', domain=COOKIE_DOMAIN)
