From 234ce2316af202a5b2bf09024e0493b587127cd0 Mon Sep 17 00:00:00 2001
From: TheoLechemia <theo.lechemia@ecrins-parcnational.fr>
Date: Tue, 19 Sep 2023 11:16:47 +0200
Subject: [PATCH] delete cookie on good path on logout

---
 src/pypnusershub/routes.py |  7 +++++--
 src/pypnusershub/utils.py  | 35 +++++++++++++++++++++--------------
 2 files changed, 26 insertions(+), 16 deletions(-)

diff --git a/src/pypnusershub/routes.py b/src/pypnusershub/routes.py
index 15bf873..9a6a565 100755
--- a/src/pypnusershub/routes.py
+++ b/src/pypnusershub/routes.py
@@ -19,7 +19,7 @@
 import sqlalchemy as sa
 from werkzeug.exceptions import BadRequest, Forbidden
 
-from pypnusershub.utils import get_current_app_id, set_cookie
+from pypnusershub.utils import get_current_app_id, set_cookie, delete_cookie
 from pypnusershub.db import models, db
 from pypnusershub.db.tools import (
     user_to_token,
@@ -293,7 +293,10 @@ def logout():
         resp = redirect(params["redirect"], code=302)
     else:
         resp = make_response()
-    resp.delete_cookie("token")
+
+    resp = delete_cookie(
+        resp, key="token", application_url=current_app.config.get("URL_APPLICATION")
+    )
     return resp
 
 
diff --git a/src/pypnusershub/utils.py b/src/pypnusershub/utils.py
index 2a776f0..0749306 100644
--- a/src/pypnusershub/utils.py
+++ b/src/pypnusershub/utils.py
@@ -16,14 +16,13 @@
 
 
 class RessourceError(EnvironmentError):
-
     def __init__(self, msg, errors):
         super(RessourceError, self).__init__(msg)
         self.errors = errors
 
 
 def binary_resource_stream(resource, locations):
-    """ Return a resource from this path or package """
+    """Return a resource from this path or package"""
 
     # convert
     errors = []
@@ -33,11 +32,11 @@ def binary_resource_stream(resource, locations):
         locations = (locations,)
 
     for location in locations:
-
         # Assume location is a module and try to load it using pkg_resource
         try:
             import pkg_resources
-            module_name = getattr(location, '__name__', location)
+
+            module_name = getattr(location, "__name__", location)
             return pkg_resources.resource_stream(module_name, resource)
         except (ImportError, EnvironmentError) as e:
             errors.append(e)
@@ -58,27 +57,30 @@ def binary_resource_stream(resource, locations):
             except EnvironmentError as e:
                 errors.append(e)
 
-    msg = ('Unable to find resource "%s" in "%s". '
-           'Inspect RessourceError.errors for list of encountered errors.')
+    msg = (
+        'Unable to find resource "%s" in "%s". '
+        "Inspect RessourceError.errors for list of encountered errors."
+    )
     raise RessourceError(msg % (resource, locations), errors)
 
 
-def text_resource_stream(path, locations, encoding="utf8", errors=None,
-                         newline=None, line_buffering=False):
-    """ Return a resource from this path or package. Transparently decode the stream. """
+def text_resource_stream(
+    path, locations, encoding="utf8", errors=None, newline=None, line_buffering=False
+):
+    """Return a resource from this path or package. Transparently decode the stream."""
     stream = binary_resource_stream(path, locations)
     return io.TextIOWrapper(stream, encoding, errors, newline, line_buffering)
 
 
 def get_current_app_id():
-    if 'ID_APP' in current_app.config:
-        return current_app.config['ID_APP']
-    elif 'CODE_APPLICATION' in current_app.config:
+    if "ID_APP" in current_app.config:
+        return current_app.config["ID_APP"]
+    elif "CODE_APPLICATION" in current_app.config:
         from pypnusershub.db.models import Application
 
         return (
             Application.query.filter_by(
-                code_application=current_app.config['CODE_APPLICATION'],
+                code_application=current_app.config["CODE_APPLICATION"],
             )
             .one()
             .id_application
@@ -97,6 +99,12 @@ def get_cookie_path(application_url: Optional[str] = None) -> str:
     return split_url.path if split_url.path else "/"
 
 
+def delete_cookie(response: Response, application_url: Optional[str] = None, **kwargs):
+    cookie_path = get_cookie_path(application_url=application_url)
+    response.delete_cookie(**kwargs, path=cookie_path)
+    return response
+
+
 def set_cookie(response: Response, application_url: Optional[str] = None, **kwargs):
     """
     Set automatically a Path on a cookie.
@@ -105,4 +113,3 @@ def set_cookie(response: Response, application_url: Optional[str] = None, **kwar
     cookie_path = get_cookie_path(application_url=application_url)
     response.set_cookie(**kwargs, path=cookie_path)
     return response
-    
\ No newline at end of file