Auth: fix oAuth2 tokenUrl, add logout api

src/gisaf/api/main.py

@@ -63,6 +63,7 @@ async def login_for_access_token(
     ) -> Token:
     user = await authenticate_user(form_data.username, form_data.password)
     if not user:
+        logger.info(f'{form_data.username} failed attempt to get token')
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="Incorrect username or password",
@@ -71,9 +72,16 @@ async def login_for_access_token(
     access_token = create_access_token(
         data={"sub": user.username},
         expires_delta=timedelta(seconds=conf.crypto.expire))
+    logger.info(f'{user.username} ({user.id}) logged in')
     return Token(access_token=access_token, token_type='bearer')
 
 
+@api.get('/logout')
+async def logout(
+    user: Annotated[UserRead, Depends(get_current_user)]):
+    logger.info(f'{user.username} ({user.id}) logged out')
+
+
 @api.get("/users")
 async def get_users(
     db_session: db_session,

src/gisaf/security.py

@@ -38,7 +38,7 @@ class TokenData(BaseModel):
 #     disabled: bool | None = None
 
 
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token", auto_error=False)
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/token", auto_error=False)
 
 credentials_exception = HTTPException(
     status_code=status.HTTP_401_UNAUTHORIZED,