Add working logout link, slightly change login logic

On logging in, don't get a new access token if there's one in the database
for this user. Log out link wipes the user's session, but not their database
entry. Those can be cleaned up periodically (after I add a last-used stamp).

Misfeature: user's setting is deleted, too, because it was only in the session.
This commit is contained in:
Jason McBrayer 2018-04-25 17:02:59 -04:00
parent 0594fda487
commit 498f89b165

View File

@ -72,18 +72,17 @@ def login(request):
client_id = client.client_id,
client_secret = client.client_secret,
api_base_url = api_base_url)
access_token = mastodon.log_in(username,
password)
try:
account = Account.objects.get(username=username, client_id=client.id)
account.access_token = access_token
except (Account.DoesNotExist, Account.MultipleObjectsReturned):
account = Account(
username = username,
access_token = access_token,
client = client)
account.save()
access_token = mastodon.log_in(username,
password)
account.save()
request.session['username'] = username
return redirect(home)
@ -91,7 +90,8 @@ def login(request):
return render(request, 'setup/login.html', {'form': form})
def logout(request):
return redirect(error)
request.session.flush()
return redirect(home)
def error(request):
return render(request, 'error.html', { 'error': "Not logged in yet."})