Implement logout semantics by support DELETE on authtoken

awx/api/templates/api/auth_token_view.md

@@ -32,3 +32,6 @@ agent that originally obtained it.
 Each request that uses the token for authentication will refresh its expiration
 timestamp and keep it from expiring.  A token only expires when it is not used
 for the configured timeout interval (default 1800 seconds).
+
+A DELETE request with the token set will cause the token to be invalidated and
+no further requests can be made with it.

awx/api/views.py

@@ -4,6 +4,7 @@
 
 # Python
 import os
+import re
 import cgi
 import datetime
 import dateutil
@@ -608,6 +609,16 @@ class AuthTokenView(APIView):
                            extra=dict(actor=request.data['username']))
         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
 
+    def delete(self, request):
+        print request.META
+        if 'HTTP_AUTHORIZATION' in request.META:
+            token_match = re.match("Token\s(.+)", request.META['HTTP_AUTHORIZATION'])
+            if token_match:
+                filter_tokens = AuthToken.objects.filter(key=token_match.groups()[0])
+                if filter_tokens.exists():
+                    filter_tokens[0].invalidate()
+        return Response(status=status.HTTP_204_NO_CONTENT)
+
 
 class OrganizationCountsMixin(object):