async def logout(): """ Logout and redirect to login screen """ response = RedirectResponse("/", status_code=302) response.delete_cookie(config.login.jwt_cookie_name) return response
async def logout_get( request: Request, current_user: UserReturnSchema = Depends(get_current_user) ): url_index = request.app.url_path_for('index') rr = RedirectResponse(url=url_index, status_code=status.HTTP_303_SEE_OTHER) rr.delete_cookie("session") return rr
async def logout(request: Request, next: str = Form(default="/")): if request.user.is_authenticated(): request.user.logout(request) # Use 303 since we may be handling a post request, that'll get it # to redirect to a get request. response = RedirectResponse(url=next, status_code=HTTPStatus.SEE_OTHER) response.delete_cookie("AURSID") response.delete_cookie("AURTZ") return response
async def process_logout(): """ Purge the login information from the users session/cookie data :return: Redirect to main body """ # Simply destroy the cookies in this session and get rid of the creds, redirect to landing response = RedirectResponse( "/") # Process the destruction from main app/test result response.delete_cookie("user") response.delete_cookie("flow") return response
def logout_session(session_token: str = Cookie(''), request: Request = ...): """Logs out user by removing cookie session. Endpoint only available to users with valid session cookie - request argument is used also in decorator.""" redirect_path = '/logged_out' if request.query_params: redirect_path += f'?{request.query_params}' response = RedirectResponse(URL(redirect_path), status_code=status.HTTP_303_SEE_OTHER) session = request.cookies['session_token'] response.delete_cookie('session_token') router.session_keys.remove(session) return response
def logout_session(token: str = '', message_format: FormatEnum = Query(FormatEnum.txt, alias='format')): """Logs out user by removing token session. Endpoint only available to users with valid token - token argument is used in decorator.""" redirect_path = '/logged_out' if message_format != FormatEnum.txt: redirect_path += f'?format={message_format}' response = RedirectResponse(URL(redirect_path), status_code=status.HTTP_303_SEE_OTHER) response.delete_cookie('session_token') router.token_keys.remove(token) return response
def logout(request: Request, current_user=Depends(security)): if_logged_in(request) response = RedirectResponse(url='/', status_code=status.HTTP_302_FOUND, headers={"Location": "/"}) response.headers["Authorization"] = "" try: session = request.cookies["session_token"] sessions.remove(session) except: print("Already removed") response.delete_cookie("session_token") response.delete_cookie("username") return response
async def logout(request: Request): """ Disconnect the user from the SSO provider, potentially affecting every other Arch service. AUR logout is performed by `/logout`, before it redirects to `/sso/logout`. Based on the OpenID Connect Session Management specification: https://openid.net/specs/openid-connect-session-1_0.html#RPLogout """ id_token = request.cookies.get("SSO_ID_TOKEN") if not id_token: return RedirectResponse("/") metadata = await oauth.sso.load_server_metadata() query = urlencode({'post_logout_redirect_uri': aurweb.config.get('options', 'aur_location'), 'id_token_hint': id_token}) response = RedirectResponse(metadata["end_session_endpoint"] + '?' + query) response.delete_cookie("SSO_ID_TOKEN", path="/sso/") return response
async def logout(state: str): # Load the saved state to find redirect target try: ls = LogoutState.get_by_id(state) except ModelNotFoundError: raise HTTPException(404, "Invalid state") # Redirect the user back to desired target redirect_target = ls.redirect_target if ls.state: params = urllib.parse.urlencode({"state": ls.state}) redirect_target += f"?{params}" resp = RedirectResponse(redirect_target) # Delete the cookies and state resp.delete_cookie(key="id_token") resp.delete_cookie(key="access_token") ls.delete() return resp
async def route_logout_and_remove_cookie(): """HTTP Basic Auth logout for access to API spec & docs. """ response = RedirectResponse(url="/") response.delete_cookie("Authorization", domain=config.DOMAIN) return response
async def callback(code: str, challenge_secret: Optional[str] = Cookie(None), token_endpoint: Optional[str] = Cookie(None)): dpop_token_header = { "alg": "ES256", "typ": "dpop+jwt" } dpop_token_payload = { "htu": "http://127.0.0.1:8001", "cnf": {"jwk": CLIENT_PUBLIC_KEY}, "htm": "POST", "jti": uuid.uuid4().__str__(), "iat": int(datetime.datetime.timestamp(datetime.datetime.now())) } dpop_token = jwt.encode(dpop_token_header, dpop_token_payload, CLIENT_PRIVATE_KEY) auth_headers = { "DPoP": dpop_token, "content-type": "application/x-www-form-urlencoded" } auth_body = { 'grant_type': 'authorization_code', 'code_verifier': challenge_secret, 'code': code, 'redirect_uri': 'http://127.0.0.1:8001/callback', 'client_id': 'http://127.0.0.1:8001/webid#this' } res = requests.post(token_endpoint, params=auth_body, headers=auth_headers) if res.status_code == 200: token_response = res.json() if 'access_token' in token_response.keys(): access_token = token_response['access_token'] print(access_token) else: access_token = None if 'id_token' in token_response.keys(): id_token = token_response['id_token'] else: id_token = None if 'refresh_token' in token_response.keys(): refresh_token = token_response['refresh_token'] else: refresh_token = None else: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Unable to verify identity.", ) response = RedirectResponse('/data', status_code=307) response.delete_cookie("challenge_secret") response.delete_cookie("token_endpoint") response.set_cookie(key="access_token", value=access_token) return response
def logout(): response = RedirectResponse(url="/login") response.delete_cookie("session") return response
async def logout(request: Request): response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND) response.delete_cookie(router.API_KEY) return response
def logout(request: Request): response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND) response.delete_cookie("session_token") return response
async def post_login(request: Request, form_data: OAuth2PasswordRequestForm = Depends(), redirect_uri: Optional[str] = Cookie(None), response_type: Optional[str] = Cookie(None), scope: Optional[str] = Cookie(None), client_id: Optional[str] = Cookie(None), code_challenge_method: Optional[str] = Cookie(None), code_challenge: Optional[str] = Cookie(None)): user = authenticate_user(form_data.username, form_data.password) if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password", headers={"WWW-Authenticate": "Bearer"}, ) if redirect_uri is not None: clients = db.clients client_code = secrets.token_hex(22) code_store = { "client_code": client_code, "client_id": client_id, "code_challenge_method": code_challenge_method, "code_challenge": code_challenge, "webid": 'http://127.0.0.1:8000/' + form_data.username + '/card#me', "response_types": response_type.split(' '), "scope": scope.split(' ') } clients.insert_one(code_store) response = RedirectResponse(url=redirect_uri + '?code=' + client_code, status_code=303) response.delete_cookie("response_type") response.delete_cookie("redirect_uri") response.delete_cookie("scope") response.delete_cookie("client_id") response.delete_cookie("code_challenge_method") response.delete_cookie("code_challenge") return response else: return RedirectResponse(url='/login_success', status_code=303)
async def logout(request: Request): response = RedirectResponse(url="http://localhost:8000/", status_code=303) response.delete_cookie(key="Authorization", domain="localhost") return response
async def logout(response_class: RedirectResponse): # Send the user to the login page after the logout. response = RedirectResponse("/auth/login") response.delete_cookie(auth_manager.cookie_name) return response
async def route_logout_and_remove_cookie(): response = RedirectResponse(url="/") response.delete_cookie("Authorization", domain="localhost") return response
def logout(request: Request): response = RedirectResponse(request.url_for('homepage')) response.delete_cookie("Authorization") return response
async def logout(request: Request): response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND) response.delete_cookie(SESSION_TOKEN) return response
def logout(session_id=Cookie(default=None)): session.destroy(session_id) response = RedirectResponse(url="/") response.delete_cookie("session_id") return response
async def logout(is_logged: bool = Depends(is_logged)): response = RedirectResponse(url="/", status_code=status.HTTP_302_FOUND) response.delete_cookie(app.API_KEY) return response