attempt to blacklist token if no JWT_AUTH_COOKIE is found

This commit is contained in:
Marc LaBelle 2020-04-01 18:56:41 -04:00
parent 26b6e22043
commit 241011a353

View File

@ -142,6 +142,7 @@ class LogoutView(APIView):
cookie_name = getattr(settings, 'JWT_AUTH_COOKIE', None)
if cookie_name:
response.delete_cookie(cookie_name)
else:
# add refresh token to blacklist
try:
token = RefreshToken(request.data['refresh'])
@ -154,8 +155,7 @@ class LogoutView(APIView):
response = Response({"detail": _("Token is already blacklisted.")},
status=status.HTTP_404_NOT_FOUND)
except AttributeError as e:
# warn user blacklist is not enabled if not using JWT_AUTH_COOKIE
if not cookie_name:
# warn user blacklist is not enabled
if e.args[0] == "'RefreshToken' object has no attribute 'blacklist'":
response = Response({"detail": _("Blacklist is not enabled in INSTALLED_APPS.")},
status=status.HTTP_501_NOT_IMPLEMENTED)