From b196f6fcb843c9ff9cf29ae0431fa1879cd19c80 Mon Sep 17 00:00:00 2001
From: marcelmenezes <marcel.business@gmail.com>
Date: Tue, 9 May 2023 01:28:47 -0300
Subject: [PATCH] Update app.py

Revoke access token to invalidate session
---
 app.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/app.py b/app.py
index ba0952c..f676a45 100644
--- a/app.py
+++ b/app.py
@@ -65,6 +65,14 @@ def callback():
 
 @app.route("/logout")
 def logout():
+    
+    # Revoke access token to invalidate session
+    if "google_id" in session:
+        credentials = flow.credentials
+        requests.post('https://accounts.google.com/o/oauth2/revoke',
+                      params={'token': credentials.token},
+                      headers={'content-type': 'application/x-www-form-urlencoded'})
+
     session.clear()
     return redirect("/")