Call /oidc/logout/ before logging in to ensure there is no session left on taiga-back

[privat-eco]

Fixes an issue where user actions raises https://github.com/mozilla/mozilla-django-oidc/blob/63f56222e3c95fe67e73107f5f5374f5e662e8ca/mozilla_django_oidc/views.py#L81

To reproduce the issue fixed by this PR :

login via OIDC,
logout
try to log in again

the problem happens because cookie named "sessionid" is not cleaned on frontend logout and not replaced when user logs in again (and so we had a mismatch between the sessionid known by taiga-back and by the web browser.

A better solution would be to add in taiga-front the possibility to hook on logout from thirdparty plugins. if someone is more comfortable than me with Angular, feel free

[ChriFo]

This is the relevante Angular code

angular.module('taigaContrib.logout', []).run ['$rootScope', '$http', ($rootScope, $http) ->
    $rootScope.$on('auth:logout', () ->
        $http.get('/api/v2/auth/logout')
    )
]

and the corresponding Python classes
api.py:

from django.contrib.auth import logout

from taiga.base import response
from taiga.base.api import viewsets
from taiga.base.decorators import list_route


class LogoutViewSet(viewsets.ViewSet):

    @list_route(methods=['GET'])
    def logout(self, request):
        logout(request)

        return response.NoContent()

apps.py:

from django.apps import AppConfig
from django.conf.urls import include, url


class TaigaContribLogoutAppConfig(AppConfig):
    name = "taiga_contrib_logout"
    verbose_name = "Taiga contrib logout App Config"

    def ready(self):
        from taiga.base import routers
        from taiga.urls import urlpatterns
        from .api import LogoutViewSet

        router = routers.DefaultRouter(trailing_slash=False)
        router.register(r"/auth", LogoutViewSet, base_name="logout")
        urlpatterns.append(url(r'^api/v2', include(router.urls)))