Merge pull request #447 from rrakso/feature/add_method_to_delete_token

Feature/add method to delete token

InvenTree/users/views.py

@@ -1,10 +1,12 @@
 from rest_framework import generics, permissions
 from django.contrib.auth.models import User
+from django.core.exceptions import ObjectDoesNotExist
 from .serializers import UserSerializer
 
 from rest_framework.authtoken.views import ObtainAuthToken
 from rest_framework.authtoken.models import Token
 from rest_framework.response import Response
+from rest_framework import status
 
 
 class UserDetail(generics.RetrieveAPIView):
@@ -27,15 +29,30 @@ class GetAuthToken(ObtainAuthToken):
     """ Return authentication token for an authenticated user. """
 
     def post(self, request, *args, **kwargs):
+        return self.login(request)
+
+    def delete(self, request):
+        return self.logout(request)
+
+    def login(self, request):
         serializer = self.serializer_class(data=request.data,
                                            context={'request': request})
         serializer.is_valid(raise_exception=True)
         user = serializer.validated_data['user']
         token, created = Token.objects.get_or_create(user=user)
-        
+
         return Response({
             'token': token.key,
             'pk': user.pk,
             'username': user.username,
             'email': user.email
         })
+
+    def logout(self, request):
+        try:
+            request.user.auth_token.delete()
+            return Response({"success": "Successfully logged out."},
+                            status=status.HTTP_202_ACCEPTED)
+        except (AttributeError, ObjectDoesNotExist):
+            return Response({"error": "Bad request"},
+                            status=status.HTTP_400_BAD_REQUEST)