From 76fd218958828f252f7cc566746ec966269c852e Mon Sep 17 00:00:00 2001 From: Steven Loria Date: Tue, 24 Oct 2017 19:44:35 -0400 Subject: [PATCH] Prevent logout GET from getting documented by schema generation ...by preventing `get` from being implemented if ACCOUNT_LOGOUT_ON_GET is False --- rest_auth/views.py | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/rest_auth/views.py b/rest_auth/views.py index 58b5b29..acb56d7 100644 --- a/rest_auth/views.py +++ b/rest_auth/views.py @@ -105,13 +105,10 @@ class LogoutView(APIView): """ permission_classes = (AllowAny,) - def get(self, request, *args, **kwargs): - if getattr(settings, 'ACCOUNT_LOGOUT_ON_GET', False): + if getattr(settings, 'ACCOUNT_LOGOUT_ON_GET', False): + def get(self, request, *args, **kwargs): response = self.logout(request) - else: - response = self.http_method_not_allowed(request, *args, **kwargs) - - return self.finalize_response(request, response, *args, **kwargs) + return self.finalize_response(request, response, *args, **kwargs) def post(self, request): return self.logout(request)