From 45b8b1e198da89b948137ec4d4610f27c1ba9820 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Sun, 30 May 2021 00:27:33 +0200
Subject: [PATCH] core: delete AuthenticatedSession on logout

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/core/signals.py | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/authentik/core/signals.py b/authentik/core/signals.py
index 7685c7255..c843d2609 100644
--- a/authentik/core/signals.py
+++ b/authentik/core/signals.py
@@ -1,7 +1,7 @@
 """authentik core signals"""
 from typing import TYPE_CHECKING
 
-from django.contrib.auth.signals import user_logged_in
+from django.contrib.auth.signals import user_logged_in, user_logged_out
 from django.core.cache import cache
 from django.core.signals import Signal
 from django.db.models import Model
@@ -43,8 +43,20 @@ def post_save_application(sender: type[Model], instance, created: bool, **_):
 
 
 @receiver(user_logged_in)
+# pylint: disable=unused-argument
 def user_logged_in_session(sender, request: HttpRequest, user: "User", **_):
     """Create an AuthenticatedSession from request"""
     from authentik.core.models import AuthenticatedSession
 
     AuthenticatedSession.from_request(request, user).save()
+
+
+@receiver(user_logged_out)
+# pylint: disable=unused-argument
+def user_logged_out_session(sender, request: HttpRequest, user: "User", **_):
+    """Delete AuthenticatedSession if it exists"""
+    from authentik.core.models import AuthenticatedSession
+
+    AuthenticatedSession.objects.filter(
+        session_key=request.session.session_key
+    ).delete()