Added Token Validation before logout

Issue-ID: DOVETAIL-801 Signed-off-by: Kanagaraj Manickam <kanagaraj.manickam@huawei.com> Change-Id: I75062a31f17e628215aa7c0d8768e5be486a515e
author: Kanagaraj Manickam <kanagaraj.manickam@huawei.com> 2020-09-25 18:59:30 +0530
committer: Kanagaraj Manickam <kanagaraj.manickam@huawei.com> 2020-10-19 22:19:56 +0530
commit: c97bb4110588c41211ae8ee960b1ae70a3f1de47 (patch)
tree: 6b36f2a0d026dcb2629f2e8a5bc9ed64e1d38162
parent: 4b780f978ed5d941f5066f66ec2520f3d9ec1313 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/opnfv_testapi/ui/auth/sign.py b/opnfv_testapi/ui/auth/sign.py
index f245c4b..6b70d1a 100644
--- a/opnfv_testapi/ui/auth/sign.py
+++ b/opnfv_testapi/ui/auth/sign.py
@@ -325,6 +325,9 @@ class LoginHandler(base.BaseHandler):
 
 class LogoutHandler(base.BaseHandler):
     def post(self):
+        token=self.get_secure_cookie('token')
         input_token = self.request.headers._dict['Token']
+        if not input_token or not input_token == token :
+            raises.Unauthorized(message.invalid_token())
         resp = {'Message': 'You have been logged out successfully.'}
         self.finish_request(resp)
author	Kanagaraj Manickam <kanagaraj.manickam@huawei.com>	2020-09-25 18:59:30 +0530
committer	Kanagaraj Manickam <kanagaraj.manickam@huawei.com>	2020-10-19 22:19:56 +0530
commit	c97bb4110588c41211ae8ee960b1ae70a3f1de47 (patch)
tree	6b36f2a0d026dcb2629f2e8a5bc9ed64e1d38162
parent	4b780f978ed5d941f5066f66ec2520f3d9ec1313 (diff)