Added Token Validation before logout

author Kanagaraj Manickam <kanagaraj.manickam@huawei.com>

Fri, 25 Sep 2020 13:29:30 +0000 (18:59 +0530)

committer Kanagaraj Manickam <kanagaraj.manickam@huawei.com>

Mon, 19 Oct 2020 16:49:56 +0000 (22:19 +0530)
author Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
Fri, 25 Sep 2020 13:29:30 +0000 (18:59 +0530)
committer Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
Mon, 19 Oct 2020 16:49:56 +0000 (22:19 +0530)
diff --git a/opnfv_testapi/ui/auth/sign.py b/opnfv_testapi/ui/auth/sign.py

index f245c4b..6b70d1a 100644 (file)
--- a/opnfv_testapi/ui/auth/sign.py
+++ b/opnfv_testapi/ui/auth/sign.py
@@ -325,6 +325,9 @@ class LoginHandler(base.BaseHandler):
  
  class LogoutHandler(base.BaseHandler):
      def post(self):
+        token=self.get_secure_cookie('token')
          input_token = self.request.headers._dict['Token']
+        if not input_token or not input_token == token :
+            raises.Unauthorized(message.invalid_token())
          resp = {'Message': 'You have been logged out successfully.'}
          self.finish_request(resp)
author	Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
	Fri, 25 Sep 2020 13:29:30 +0000 (18:59 +0530)
committer	Kanagaraj Manickam <kanagaraj.manickam@huawei.com>
	Mon, 19 Oct 2020 16:49:56 +0000 (22:19 +0530)