Implement logout semantics by support DELETE on authtoken

2026-04-28 02:41:49 -05:00 · 2017-02-02 16:32:09 -05:00
parent d469ef2385
commit ca87c4f83b
2 changed files with 14 additions and 0 deletions
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -4,6 +4,7 @@

 # Python
 import os
+import re
 import cgi
 import datetime
 import dateutil
@@ -608,6 +609,16 @@ class AuthTokenView(APIView):
                           extra=dict(actor=request.data['username']))
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

+    def delete(self, request):
+        print request.META
+        if 'HTTP_AUTHORIZATION' in request.META:
+            token_match = re.match("Token\s(.+)", request.META['HTTP_AUTHORIZATION'])
+            if token_match:
+                filter_tokens = AuthToken.objects.filter(key=token_match.groups()[0])
+                if filter_tokens.exists():
+                    filter_tokens[0].invalidate()
+        return Response(status=status.HTTP_204_NO_CONTENT)
+

 class OrganizationCountsMixin(object):