Exemplo n.º 1
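    def post(self):
        """
        Logs out the user

        Reads the session token from the request, checks that it is known to the database and
        deletes it. Both steps run inside a single database transaction.

        :return:    None on success

        On failure the request is aborted with:

        - 400 if the session token is not found
        - 500 if the transaction cannot be started, the token cannot be deleted or an unexpected
          error is raised

        Note:   Only fixed, generic messages are sent to the client, the text of an internal
                error is never put into the response
        """
        # Extract session token from the request
        token = self._read_session_token()

        # Log out
        success = False
        error_code = None
        error_message = None

        connection = DatabaseInterface.create_connection()

        try:
            success = connection.begin_transaction()

            # Get the session token (only its existence matters here, it proves that the
            # presented token belongs to a stored session before anything is deleted)
            session_token = None

            if success:
                session_token = UserManagementInterface.read_session_token(connection, token)

                if session_token is None:
                    success = False
                    error_code = 400
                    error_message = "Invalid session token"

            # Delete session token
            if success:
                success = UserManagementInterface.delete_session_token(connection, token)

                if not success:
                    error_code = 500
                    error_message = "Failed to log out, please try again"

            if success:
                connection.commit_transaction()
            else:
                connection.rollback_transaction()
        except Exception:
            # "Exception" instead of a bare "except", so that KeyboardInterrupt and SystemExit
            # are not swallowed and turned into an HTTP 500 response
            connection.rollback_transaction()
            abort(500, message="Internal error, please try again")

        # Return response
        if success:
            return None

        if (error_code is not None) and (error_message is not None):
            abort(error_code, message=error_message)
        else:
            # No specific error was recorded (e.g. the transaction could not be started)
            abort(500, message="Internal error")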
    def _read_session_user(connection: Connection,
                           token: str) -> Optional[dict]:
        """
        Looks up the user that owns the given session

        :param connection:  Database connection
        :param token:       Session token

        :return:    User information object, or None

        Returned dictionary contains items:

        - id
        - user_name
        - display_name
        - email
        - active

        Note:   None is returned for an unknown token, for a missing user and for an inactive
                user alike, so the caller cannot tell these cases apart and should treat None
                as "not authenticated"
        """
        # Resolve the token to its stored session
        session = UserManagementInterface.read_session_token(
            connection, token)

        if session is None:
            # Error, invalid token
            return None

        # Load the user that the session points to
        account = UserManagementInterface.read_user_by_id(
            connection, session["user_id"])

        # Only an existing and active user counts as the session's user
        if account is not None and account["active"]:
            return account

        return None
    def _read_session_user(connection: Connection, token: str) -> Optional[dict]:
        """
        Returns the active user that the session token belongs to

        :param connection:  Database connection
        :param token:       Session token

        :return:    User information object, or None if there is no such active user

        Returned dictionary contains items:

        - id
        - user_name
        - display_name
        - email
        - active

        Note:   An invalid token, a user that was not found and a user that is not active all
                give the same result (None)
        """
        # Read session token
        stored_token = UserManagementInterface.read_session_token(connection, token)

        if stored_token is None:
            # Error, invalid token
            return None

        # Read the user referenced by the session
        owner = UserManagementInterface.read_user_by_id(connection, stored_token["user_id"])

        if owner is None:
            # Error, user was not found
            return None

        # An inactive user is handled like a missing one
        return owner if owner["active"] else None