Python for Entrepreneurs Transcripts
Chapter: User accounts and identity
Lecture: Demo: Logging out
0:01 OK, the last thing we want to so is now that we've been able to log into our site
0:05 is to log out of it; so remember, you can only view this page
0:08 if you are logged in and if you log out, well, there is no log out.
0:12 So let's write lo gout real quick.
0:14 We are going to do that in the account controller,
0:16 and let's just duplicate that method real quick and we'll change this to "log out",
0:20 now we are going to need very little information here,
0:23 actually we don't even need a template, because "log out" is not a view,
0:26 it could have it, it could say "you are now logged out" or you could just log them out
0:29 and redirect them to the home page, where they basically just see
0:33 the sign in stuff come back, so that is what we're going to do,
0:35 we're going to say self.redirect to '/' and do nothing,
0:41 so over here when I go cookie_auth and we'll just call it "logout"
0:44 and it's going to need to have access to the request so it can actually do that.
0:47 So it turns out that deleting the cookie is a very similar to writing a cookie
0:54 where we have this callback, OK, so we are going to come over here
0:57 and we are going to say request.add_response_callback
1:00 and this we are going to call delete_cookie and in order to delete the cookie,
1:03 you don't have to pass the value, you just have to have the request,
1:08 the response and the name, actually, you don't even need the response, do you.
1:11 So let's write that. We'll just say response.delete_cookie
1:17 and we'll give it the name, and that's it.
1:21 There is nothing more to it, let's do little formatting so everybody is happy,
1:24 PEP 8 and all that, if we rerun this, we should be able to go over here, run our page,
1:29 click around you see we're logged in, if I hit log out, it should delete the cookie,
1:34 redirect us to the homepage and this navigation part up here should change
1:37 because the cookie is not there, so we are no longer signed in, ready, set go.
1:42 Boom, how about that, so we're logged out, if we try to go to our account again,
1:46 it's going to say no, you've got to sign in, see indicate sign up here,
1:50 now we're signed in, go to our account all we want,
1:53 and if we ever decide to log out then boom, we're logged out.
1:57 So I think that wraps it up for our little demo, and adding user tracking to our web app.
2:04 Let's add one final handy little utility to the base class here.
2:09 So if I go to the base controller, it's nice to know that we have a logged in user id,
2:13 but every time we want to work with the user, which is often extremely common,
2:17 you are going to want to go, you are going to need to go
2:20 and do a query against the database, for that user id and get them back,
2:23 so we can shortcut a lot of those steps over here
2:26 and we can just change this to be create a logged in user,
2:29 and then we'll say something like this,
2:31 we'll say "id, uid=self.logged_in_user_id", we'll say "if not uid: return None",
2:39 so if nobody is logged in, obviously we can't go to the database,
2:43 but if they are, we can go to the AccountService and we can say find user,
2:47 or find account by, and we don't have an id yet do we,
2:50 nowhere along the way have we needed to find the user by id, yet,
2:54 so we'll write that really quickly, so we go over here and by,
2:58 id and we'll do uid, so we can add that method to the account service,
3:02 and it will add as a class method and down here now call this user,
3:06 and this is going to be super similar to this one up here.
3:12 Let's just do the query ever so slightly differently.
3:15 So, let's go over here, and we'll say "if not user id", we'll return None,
3:19 I don't care about this lower case thing, it's not likely the case is changing,
3:24 we want to create the database session and we are going to do a query with SQLAlchemy
3:28 to say the id is equal to the user id there is the first.
3:31 OK, then anywhere we want, for down here maybe we want to go to the albums
3:37 and we want to do, we somehow want to get access to the user,
3:40 we just say self.logged_in_user, that does the query against the database
3:44 using the cookie information we've already stored,
3:47 and then we have access to the user, like so.
3:50 Now, you only want to call this if you are going to do some sort of test for the logged in,
3:54 you would do something like this, right, logged_in_user_id,
3:57 we could even add another property just is_logged_in or has_user,
4:01 something to that effect, because you don't want to hit the database
4:03 unless you actually need the user, but this is a really handy method to use,
4:06 to have around, because you are going to want to access to that character all the time.