Tokens now correctly delete themselves

client/js/api.js

@@ -175,11 +175,18 @@ class Api extends events.EventTarget {
     }
 
     logout() {
-        this.delete_token(this.userName, this.userToken);
+        this.delete_token(this.userName, this.userToken).then(response => {
+            this._logout()
+        }, error => {
+            this._logout()
+        });
+
+    }
+
+    _logout() {
         this.user = null;
         this.userName = null;
         this.userPassword = null;
-        this.userToken = null;
         this.dispatchEvent(new CustomEvent('logout'));
     }
 

server/szurubooru/api/user_token_api.py

@@ -30,9 +30,9 @@ def create_user_token(ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.R
 
 @rest.routes.delete('/user-tokens/(?P<user_token>[^/]+)/?')
 def create_user_token(ctx: rest.Context, params: Dict[str, str]) -> rest.Response:
+    auth.verify_privilege(ctx.user, 'user_token:delete')
     user_token = user_tokens.get_user_token_by_user_and_token(ctx.user, params['user_token'])
     if user_token is not None:
-        auth.verify_privilege(ctx.user, 'user_token:delete')
         ctx.session.delete(user_token)
         ctx.session.commit()
     return {}