Tivix/django-rest-auth
1
1
Fork 0
mirror of https://github.com/Tivix/django-rest-auth.git synced 2024-11-22 17:16:34 +03:00
Code Issues Packages Projects Releases Wiki Activity

Change handling for logout on GET

Browse Source 
+ Make it require allauth
+ Add a note to docs that it’s not a recommended setting
This commit is contained in:
Maxim Kukhtenkov 2016-11-27 03:35:11 -08:00
parent 667e70c40f
commit 7fc875a4f5
2 changed files with 5 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/api_endpoints.rst
View File

@ -13,7 +13,7 @@ Basic
- /rest-auth/logout/ (POST, GET) - /rest-auth/logout/ (POST, GET)
.. note:: ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET (this is the exact same conf from allauth) .. note:: (requires allauth) ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET - this is the exact same conf from allauth. NOT recommended, see: http://django-allauth.readthedocs.io/en/latest/views.html#logout
- token - token

11
rest_auth/views.py
View File

@ -94,13 +94,10 @@ class LogoutView(APIView):
permission_classes = (AllowAny,) permission_classes = (AllowAny,)
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
try: if 'allauth' in settings.INSTALLED_APPS and allauth_settings.LOGOUT_ON_GET:
if allauth_settings.LOGOUT_ON_GET: response = self.logout(request)
response = self.logout(request) else:
else: response = self.http_method_not_allowed(request, *args, **kwargs)
response = self.http_method_not_allowed(request, *args, **kwargs)
except Exception as exc:
response = self.handle_exception(exc)
return self.finalize_response(request, response, *args, **kwargs) return self.finalize_response(request, response, *args, **kwargs)