mirror of
https://github.com/Tivix/django-rest-auth.git
synced 2024-11-25 10:33:45 +03:00
Change handling for logout on GET
+ Make it require allauth + Add a note to docs that it’s not a recommended setting
This commit is contained in:
parent
667e70c40f
commit
7fc875a4f5
|
@ -13,7 +13,7 @@ Basic
|
|||
|
||||
- /rest-auth/logout/ (POST, GET)
|
||||
|
||||
.. note:: ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET (this is the exact same conf from allauth)
|
||||
.. note:: (requires allauth) ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET - this is the exact same conf from allauth. NOT recommended, see: http://django-allauth.readthedocs.io/en/latest/views.html#logout
|
||||
|
||||
- token
|
||||
|
||||
|
|
|
@ -94,13 +94,10 @@ class LogoutView(APIView):
|
|||
permission_classes = (AllowAny,)
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
try:
|
||||
if allauth_settings.LOGOUT_ON_GET:
|
||||
response = self.logout(request)
|
||||
else:
|
||||
response = self.http_method_not_allowed(request, *args, **kwargs)
|
||||
except Exception as exc:
|
||||
response = self.handle_exception(exc)
|
||||
if 'allauth' in settings.INSTALLED_APPS and allauth_settings.LOGOUT_ON_GET:
|
||||
response = self.logout(request)
|
||||
else:
|
||||
response = self.http_method_not_allowed(request, *args, **kwargs)
|
||||
|
||||
return self.finalize_response(request, response, *args, **kwargs)
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user