Implement token blacklisting and logout functionality

main.py

@@ -200,7 +200,17 @@ def verify_token(token: str, secret_key: str):
     return username
 
 def verify_access_token(token: str = Depends(oauth2_scheme)):
-    return verify_token(token, SECRET_KEY)
+    username = verify_token(token, SECRET_KEY)
+    
+    # Check if token is blacklisted
+    if cache.get(f"blacklist_{token}"):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Token has been revoked",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    
+    return username
 
 # Endpoints
 @app.get("/")
@@ -266,6 +276,36 @@ async def refresh(refresh_request: RefreshRequest):
             detail="Could not validate credentials",
             headers={"WWW-Authenticate": "Bearer"},
         )
+    
+@app.post("/logout")
+def logout(
+    token: str = Depends(oauth2_scheme),
+    username: str = Depends(verify_access_token)
+):
+    try:
+        # Decode token to get expiration time
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        exp_timestamp = payload.get("exp")
+        if exp_timestamp is None:
+            raise HTTPException(status_code=400, detail="Token missing expiration time")
+        
+        # Calculate remaining token validity
+        current_time = datetime.now(timezone.utc).timestamp()
+        remaining_time = exp_timestamp - current_time
+        
+        if remaining_time > 0:
+            # Add to blacklist cache with TTL matching token expiration
+            cache_key = f"blacklist_{token}"
+            cache.set(cache_key, True, expire=remaining_time)
+        
+        return {"message": "Successfully logged out"}
+    
+    except JWTError:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid token",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
 
 @app.post("/search", response_model=List[SearchResult])
 async def search(