fix: logout logic

petercat-ai · Dec 26, 2024 · 88b6ece · 88b6ece
1 parent 2e4b284
commit 88b6ece
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 5 deletions.
diff --git a/server/auth/clients/auth0.py b/server/auth/clients/auth0.py
@@ -1,3 +1,4 @@
+from fastapi.responses import RedirectResponse
 import httpx
 import secrets
 
@@ -35,9 +36,26 @@ def __init__(self):
 
   async def login(self, request):
     return await self._client.auth0.authorize_redirect(
-        request, redirect_uri=CALLBACK_URL
+        request, redirect_uri=CALLBACK_URL, prompt='login'
     )
 
+  async def logout(self, request, redirect):
+    url = f'https://{AUTH0_DOMAIN}/v2/logout'
+    headers = {"content-type": "application/x-www-form-urlencoded"}
+    data = {
+        'client_id': CLIENT_ID,
+        'returnTo': redirect,
+    }
+
+    async with httpx.AsyncClient() as client:
+        resp = await client.get(url, params=data, headers=headers)
+        if redirect:
+            if resp.status_code == 302:
+                return RedirectResponse(url=resp.headers['Location']) 
+            else:
+                return RedirectResponse(url=redirect)  # 如果出错，直接重定向到 fallback 地址
+        return {"success": True}
+
   async def get_oauth_token(self):
     url = f'https://{AUTH0_DOMAIN}/oauth/token'
     headers = {"content-type": "application/x-www-form-urlencoded"}

diff --git a/server/auth/clients/base.py b/server/auth/clients/base.py
@@ -38,6 +38,10 @@ async def anonymouseLogin(self, request: Request) -> dict:
   async def login(self, request: Request):
     pass
 
+  @abstractmethod
+  async def logout(self, request: Request, redirect: str):
+    pass
+
   @abstractmethod
   async def get_oauth_token(self) -> str:
     pass

diff --git a/server/auth/clients/local.py b/server/auth/clients/local.py
@@ -21,6 +21,11 @@ async def login(self, request: Request):
     request.session["user"] = data
 
     return RedirectResponse(url=f"{WEB_LOGIN_SUCCESS_URL}", status_code=302)
+
+  async def logout(self, request: Request, redirect: str):
+    if redirect:
+      return RedirectResponse(url=f"{redirect}", status_code=302)
+    return {"success": True}
 
   async def get_user_info(self, user_id):
     token = PETERCAT_LOCAL_UID

diff --git a/server/auth/router.py b/server/auth/router.py
@@ -32,12 +32,10 @@ async def login(request: Request, auth_client = Depends(get_auth_client)):
     return await auth_client.login(request)
 
 @router.get("/logout")
-async def logout(request: Request):
+async def logout(request: Request, auth_client = Depends(get_auth_client)):
     request.session.pop("user", None)
     redirect = request.query_params.get("redirect")
-    if redirect:
-        return RedirectResponse(url=f"{redirect}", status_code=302)
-    return {"success": True}
+    return await auth_client.logout(request, redirect)
 
 
 @router.get("/callback")