1- from fastapi import APIRouter , Depends , HTTPException , status
2- from fastapi .security import OAuth2PasswordRequestForm
3-
4- from src .core .authorization .dependencies import require_permission
5- from src .core .authorization .permissions import ME_ACTION , USER_RESOURCE
1+ from fastapi import APIRouter , Depends , HTTPException , status
2+ from fastapi .security import OAuth2PasswordRequestForm
3+
4+ from src .core .authorization .dependencies import require_permission
5+ from src .core .authorization .permissions import ME_ACTION , UPDATE_ACTION , USER_RESOURCE
66from src .modules .user .application .detail_user .handler import DetailUserQueryHandler
77from src .modules .user .application .detail_user .query import DetailUserQuery
88from src .modules .user .application .login_user .command import LoginUserCommand
99from src .modules .user .application .login_user .handler import LoginUserCommandHandler
10+ from src .modules .user .application .logout_user .command import LogoutUserCommand
11+ from src .modules .user .application .logout_user .handler import LogoutUserCommandHandler
1012from src .modules .user .application .refresh_token .command import RefreshTokenCommand
1113from src .modules .user .application .refresh_token .handler import (
1214 RefreshTokenCommandHandler ,
1820from src .modules .user .domain .exceptions .user_exception import UserAlreadyExistsError
1921from src .modules .user .presentation .dependency import (
2022 get_login_handler ,
23+ get_logout_handler ,
2124 get_refresh_token_handler ,
2225 get_register_handler ,
2326 get_user_detail_handler ,
@@ -69,9 +72,6 @@ async def refresh_token(
6972 handler : RefreshTokenCommandHandler = Depends (get_refresh_token_handler ),
7073):
7174 try :
72- # Note: In strict rotation, we might not even require a valid access token here,
73- # just the refresh token. But requiring it adds a layer of security.
74- # We pass current_user["id"] to ensure the RT belongs to the user making the request.
7575 result = await handler .execute (
7676 RefreshTokenCommand (
7777 token = request .refresh_token ,
@@ -87,10 +87,10 @@ async def refresh_token(
8787
8888
8989@router .get ("/me" )
90- async def get_me (
91- current_user : dict = Depends (require_permission (USER_RESOURCE , ME_ACTION )),
92- handler : DetailUserQueryHandler = Depends (get_user_detail_handler ),
93- ):
90+ async def get_me (
91+ current_user : dict = Depends (require_permission (USER_RESOURCE , ME_ACTION )),
92+ handler : DetailUserQueryHandler = Depends (get_user_detail_handler ),
93+ ):
9494 user = await handler .execute (
9595 DetailUserQuery (
9696 user_id = current_user .get ("id" ),
@@ -99,4 +99,9 @@ async def get_me(
9999 return {"id" : str (user .id ), "email" : user .email }
100100
101101
102- # TODO: need logout endpoint
102+ @router .post ("/logout" , status_code = status .HTTP_204_NO_CONTENT )
103+ async def logout (
104+ current_user : dict = Depends (require_permission (USER_RESOURCE , UPDATE_ACTION )),
105+ handler : LogoutUserCommandHandler = Depends (get_logout_handler ),
106+ ):
107+ await handler .excute (LogoutUserCommand (user_id = str (current_user .get ("id" ))))
0 commit comments