[ADD] shopinvader_api_signin_jwt: Route /signout

shopinvader · Feb 7, 2024 · 77fc96a · 77fc96a
1 parent a43367b
commit 77fc96a
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 1 deletion.
diff --git a/shopinvader_api_signin_jwt/routers/signin.py b/shopinvader_api_signin_jwt/routers/signin.py
@@ -1,7 +1,8 @@
 # Copyright 2023 ACSONE SA/NV
 # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).
 
-from typing import Annotated
+import logging
+from typing import Annotated, Union
 
 from fastapi import APIRouter, Depends, Response, status
 
@@ -12,9 +13,12 @@
 from odoo.addons.fastapi_auth_jwt.dependencies import (
     Payload,
     auth_jwt_authenticated_payload,
+    auth_jwt_default_validator_name,
     auth_jwt_optionally_authenticated_partner,
 )
 
+_logger = logging.getLogger(__name__)
+
 signin_router = APIRouter(tags=["signin"])
 
 
@@ -37,6 +41,34 @@ def signin(
         response.status_code = status.HTTP_201_CREATED
 
 
+@signin_router.post("/signout")
+def signout(
+    env: Annotated[api.Environment, Depends(odoo_env)],
+    default_validator_name: Annotated[
+        Union[str, None], Depends(auth_jwt_default_validator_name)
+    ],
+    response: Response,
+) -> None:
+    """
+    Remove the session cookie.
+    """
+    validator = (
+        env["auth.jwt.validator"].sudo()._get_validator_by_name(default_validator_name)
+    )
+    if not validator:
+        _logger.info("No validator found with name '%s'", default_validator_name)
+        return
+    if not validator.cookie_name:
+        _logger.info("Cookie name not set for validator %s", validator.name)
+        return
+    response.delete_cookie(
+        key=validator.cookie_name,
+        path=validator.cookie_path or "/",
+        secure=validator.cookie_secure,
+        httponly=True,
+    )
+
+
 class ShopinvaderApSigninJwtRouterHelper(models.AbstractModel):
     _name = "shopinvader_api_signin_jwt.signin_router.helper"
     _description = "ShopInvader API Signin Jwt Router Helper"

diff --git a/shopinvader_api_signin_jwt/tests/test_signin.py b/shopinvader_api_signin_jwt/tests/test_signin.py
@@ -78,3 +78,15 @@ def test_signin(self):
         with self._create_test_client() as client:
             res = client.post("/signin", headers={"Authorization": token})
         self.assertEqual(res.status_code, 200)
+
+    def test_signout(self):
+        self.validator.write({"cookie_enabled": True, "cookie_name": "test_cookie"})
+        token = self._get_token()
+        with self._create_test_client() as client:
+            res = client.post("/signin", headers={"Authorization": token})
+        cookie = res.cookies.get("test_cookie")
+        self.assertTrue(cookie)
+        with self._create_test_client() as client:
+            res = client.post("/signout")
+        cookie = res.cookies.get("test_cookie")
+        self.assertFalse(cookie)