logout inactive on exteranal auth

pytorrent/routes/auth_api.py

@@ -2,7 +2,7 @@ from __future__ import annotations
 
 from flask import abort, jsonify, request
 
-from ..services.auth import current_user, list_users, save_user, delete_user, login_user, logout_user, enabled as auth_enabled, provider as auth_provider, list_api_tokens, create_api_token, revoke_api_token
+from ..services.auth import current_user, list_users, save_user, delete_user, login_user, logout_user, enabled as auth_enabled, provider as auth_provider, uses_external_provider, list_api_tokens, create_api_token, revoke_api_token
 
 
 def _ok(payload=None):
@@ -33,6 +33,8 @@ def register_auth_routes(bp):
     def auth_logout():
         if not auth_enabled():
             abort(404)
+        if uses_external_provider():
+            return _ok({"logout_managed_by_provider": True, "auth_provider": auth_provider()})
         logout_user()
         return _ok()
 

pytorrent/routes/main.py

@@ -195,6 +195,9 @@ def login():
 
 @bp.get("/logout")
 def logout():
+    # Note: External providers such as Tinyauth own the login session, so pyTorrent must not pretend to log the user out locally.
+    if auth.uses_external_provider():
+        return redirect(url_for("main.index"))
     auth.logout_user()
     if not auth.enabled():
         return redirect(url_for("main.index"))
@@ -212,6 +215,8 @@ def index():
         bootstrap_themes=BOOTSTRAP_THEMES,
         font_families=FONT_FAMILIES,
         auth_enabled=auth.enabled(),
+        auth_provider=auth.provider(),
+        external_auth=auth.uses_external_provider(),
         current_user=auth.current_user(),
     )