TMSS-521: Add token-deauth API

SAS/TMSS/src/tmss/tmssapp/views.py

@@ -53,13 +53,25 @@ class LoginView(LiW):
         password = request.POST['password']
         user = authenticate(request, username=username, password=password)
         if user is not None:
-            # TODO: Provide a proof of auth to frontend. DRF TokenAuthentication: POST /token-auth/
+            # TODO: Keep this view or not? We provide a proof of auth to frontend with DRF TokenAuthentication: POST /token-auth/
             auth = login(request, user)
             return HttpResponse('Success!', content_type='text/plain')
         else:
             return HttpResponse('Invalid credentials!', content_type='text/plain')
 
 
+from django.contrib.auth import logout
+from rest_framework.authtoken.models import Token
+# TODO: Deal with CSRF
+def token_deauth(request, *args, **kwargs):
+    token = request.META['HTTP_AUTHORIZATION'].split(" ")[1]
+    # FIXME: request.user is None, need to find out a way to link token with user (Token.objects.filter(key=token, user=requests.user)
+    invalidate_token = Token.objects.filter(key=token)
+    invalidate_token.delete()
+    # logout(request)
+    return HttpResponse('Success logout!', content_type='text/plain')
+
+
 def task_specify_observation(request, pk=None):
     task = get_object_or_404(models.TaskDraft, pk=pk)
     return HttpResponse("response", content_type='text/plain')

SAS/TMSS/src/tmss/urls.py

@@ -60,6 +60,7 @@ urlpatterns = [
     path('login/', views.LoginView.as_view(), name='login'),
     path('logout/', LogoutView.as_view(), name='logout'),
     path('token-auth/', obtain_auth_token, name='token-auth'),
+    path('token-deauth/', views.token_deauth, name='token-deauth'),
     path('docs/', include_docs_urls(title='TMSS API')),
     re_path(r'^swagger(?P<format>\.json|\.yaml)$', swagger_schema_view.without_ui(cache_timeout=0), name='schema-json'),
     path('swagger/', swagger_schema_view.with_ui('swagger', cache_timeout=0), name='schema-swagger-ui'),