transfered logout and added user-deletion

2026-03-21 18:15:37 +01:00 · 2026-02-02 13:02:59 +01:00 · 2026-02-02 13:02:59 +01:00 · 192b5f9fc5
commit 192b5f9fc5
parent 6285ebbd16
2 changed files with 57 additions and 6 deletions
--- a/routers/auth.py
+++ b/routers/auth.py
@ -85,11 +85,6 @@ def login(user_data: user_schemas.UserLogin, request: Request, response: Respons
        }
    }
@router.post("/logout")
 def logout(response: Response):
    """Logout by clearing the JWT cookie"""
    response.delete_cookie(key="access_token")
    return {"message": "Logout successful"}
 def verify_jwt_token(token: str):
    """Verify and decode a JWT token"""
--- a/routers/me.py
+++ b/routers/me.py
@ -43,3 +43,59 @@ def get_me(request: Request, db: db_dependency):
            detail="User not found"
        )
    return db_user
@router.post("/logout")
 def logout(request: Request,response: Response):
    """Logout by clearing the JWT cookie"""
    get_token = request.cookies.get("access_token")
    if not get_token:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not logged in"
        )
    response.delete_cookie(key="access_token")
    return {"message": "Logout successful"}
@router.delete("/delete-me")
 def delete_me(request: Request, db: db_dependency):
    """Delete current authenticated user"""
    token = request.cookies.get("access_token")
    if not token:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not logged in"
        )
    try:
        payload = jwt.decode(token, auth.SECRET_KEY, algorithms=[auth.ALGORITHM])
        user_id: str = str(payload.get("sub"))
        if user_id is None:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail="Not logged in"
            )
    except JWTError:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Could not validate credentials"
        )
 ## User retrieval and deletion
    user = db.query(models.User).filter(models.User.id == int(user_id)).first()
    if user is None:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="User not found"
        )
    db.delete(user)
    db.commit()
    ## Logout user by clearing cookie
    request.cookies.clear()
    return {"message": "User deleted successfully"}