refactor(auth):changed logout functionality

2024-05-13 20:05:17 +05:30
parent f630151356
commit b4bacbe35a
4 changed files with 32 additions and 2 deletions
--- a/module_auth/api/urls.py
+++ b/module_auth/api/urls.py
@@ -7,6 +7,7 @@ urlpatterns = [
    path('token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
    path("signup/", views.RegistrationView.as_view()),
    path("login/", views.LoginView.as_view()),
+    path("logout/", views.LogoutView.as_view()),

    path("request-otp/", views.OtpRequestView.as_view()),
    path("verify-otp/", views.OTPVerificationView.as_view()),
--- a/module_auth/api/utils.py
+++ b/module_auth/api/utils.py
@@ -3,7 +3,8 @@ from typing import Optional

 import requests
 from django.core.exceptions import ValidationError
-from rest_framework_simplejwt.tokens import RefreshToken
+from rest_framework_simplejwt.tokens import RefreshToken, TokenError
+from rest_framework_simplejwt.exceptions import TokenError

 from module_iam.models import IAmPrincipal, IAmPrincipalOtp
 from module_project import constants
@@ -30,6 +31,14 @@ def generate_token_and_user_data(principal):
    }
    return data

+def blacklist_token(token):
+    try:
+        RefreshToken(token).blacklist()
+        print("token is blacklisted")
+    except TokenError:
+        print("error occurs")
+        pass
+
 class GoogleAuthService():
    @staticmethod
    def get_user_info(access_token):
--- a/module_auth/api/views.py
+++ b/module_auth/api/views.py
@@ -18,7 +18,7 @@ from module_project.utils import ApiResponse
 from .serializers import (LoginSerializer, OtpVerificationSerializer,
                          PasswordResetSerializer, RegistrationSerializer)
 from .utils import (AuthService, GoogleAuthService,
-                    authticate_with_otp_and_passsword,
+                    authticate_with_otp_and_passsword, blacklist_token,
                    generate_token_and_user_data, get_principal_by_email)


@@ -111,6 +111,25 @@ class LoginView(APIView):
        return ApiResponse.success(message=constants.LOGIN_SUCCESS, data=token_data)


+class LogoutView(APIView):
+    authentication_classes = [JWTAuthentication]
+    permission_classes = [IsAuthenticated]
+    model = IAmPrincipal
+
+    def post(self, request):
+        token = request.data.get("refresh")
+        if not token:
+            return ApiResponse.error(message=constants.FAILURE, errors='Provide refresh token')
+
+        user = request.user
+        user.player_id = None
+        user.save()
+
+        blacklist_token(token)
+
+        return ApiResponse.success(message=constants.LOGOUT_SUCCESS)
+
+
 class OtpRequestView(APIView):
    authentication_classes = []
    permission_classes = []
--- a/module_project/settings/base.py
+++ b/module_project/settings/base.py
@@ -60,6 +60,7 @@ THIRD_PARTY_APPS = [
    "corsheaders",
    "widget_tweaks",
    "rest_framework_simplejwt",
+    'rest_framework_simplejwt.token_blacklist',
    "taggit",
    "django_quill",
    "django_crontab",