Python for Entrepreneurs Transcripts
Chapter: User accounts and identity
Lecture: Demo: Logging out
0:01 OK, the last thing we want to so is now that we've been able to log into our site is to log out of it; so remember, you can only view this page
0:09 if you are logged in and if you log out, well, there is no log out. So let's write lo gout real quick.
0:15 We are going to do that in the account controller, and let's just duplicate that method real quick and we'll change this to "log out",
0:21 now we are going to need very little information here, actually we don't even need a template, because "log out" is not a view,
0:27 it could have it, it could say "you are now logged out" or you could just log them out
0:30 and redirect them to the home page, where they basically just see the sign in stuff come back, so that is what we're going to do,
0:36 we're going to say self.redirect to '/' and do nothing, so over here when I go cookie_auth and we'll just call it "logout"
0:45 and it's going to need to have access to the request so it can actually do that.
0:48 So it turns out that deleting the cookie is a very similar to writing a cookie where we have this callback, OK, so we are going to come over here
0:58 and we are going to say request.add_response_callback and this we are going to call delete_cookie and in order to delete the cookie,
1:04 you don't have to pass the value, you just have to have the request, the response and the name, actually, you don't even need the response, do you.
1:12 So let's write that. We'll just say response.delete_cookie and we'll give it the name, and that's it.
1:22 There is nothing more to it, let's do little formatting so everybody is happy,
1:25 PEP 8 and all that, if we rerun this, we should be able to go over here, run our page,
1:30 click around you see we're logged in, if I hit log out, it should delete the cookie,
1:35 redirect us to the homepage and this navigation part up here should change
1:38 because the cookie is not there, so we are no longer signed in, ready, set go.
1:43 Boom, how about that, so we're logged out, if we try to go to our account again,
1:47 it's going to say no, you've got to sign in, see indicate sign up here, now we're signed in, go to our account all we want,
1:54 and if we ever decide to log out then boom, we're logged out. So I think that wraps it up for our little demo, and adding user tracking to our web app.
2:05 Let's add one final handy little utility to the base class here. So if I go to the base controller, it's nice to know that we have a logged in user id,
2:14 but every time we want to work with the user, which is often extremely common, you are going to want to go, you are going to need to go
2:21 and do a query against the database, for that user id and get them back, so we can shortcut a lot of those steps over here
2:27 and we can just change this to be create a logged in user, and then we'll say something like this,
2:32 we'll say "id, uid=self.logged_in_user_id", we'll say "if not uid: return None", so if nobody is logged in, obviously we can't go to the database,
2:44 but if they are, we can go to the AccountService and we can say find user, or find account by, and we don't have an id yet do we,
2:51 nowhere along the way have we needed to find the user by id, yet, so we'll write that really quickly, so we go over here and by,
2:59 id and we'll do uid, so we can add that method to the account service, and it will add as a class method and down here now call this user,
3:07 and this is going to be super similar to this one up here. Let's just do the query ever so slightly differently.
3:16 So, let's go over here, and we'll say "if not user id", we'll return None,
3:20 I don't care about this lower case thing, it's not likely the case is changing,
3:25 we want to create the database session and we are going to do a query with SQLAlchemy to say the id is equal to the user id there is the first.
3:32 OK, then anywhere we want, for down here maybe we want to go to the albums and we want to do, we somehow want to get access to the user,
3:41 we just say self.logged_in_user, that does the query against the database using the cookie information we've already stored,
3:48 and then we have access to the user, like so. Now, you only want to call this if you are going to do some sort of test for the logged in,
3:55 you would do something like this, right, logged_in_user_id, we could even add another property just is_logged_in or has_user,
4:02 something to that effect, because you don't want to hit the database unless you actually need the user, but this is a really handy method to use,
4:07 to have around, because you are going to want to access to that character all the time.