From 6da0703b0daefcc1d569027b5d5862bda86c5ee0 Mon Sep 17 00:00:00 2001
From: Grigoriy Beziuk
Date: Fri, 30 Jun 2017 13:59:10 +0300
Subject: [PATCH 1/2] LoginView.get_response modified in order to respect rest_framework_jwt.JWT_AUTH_COOKIE setting
---
 rest_auth/views.py | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/rest_auth/views.py b/rest_auth/views.py
index 0493a76..290c837 100644
--- a/rest_auth/views.py
+++ b/rest_auth/views.py
@@ -84,7 +84,17 @@ class LoginView(GenericAPIView):
 serializer = serializer_class(instance=self.token,
 context={'request': self.request})
- return Response(serializer.data, status=status.HTTP_200_OK)
+ response = Response(serializer.data, status=status.HTTP_200_OK)
+ if getattr(settings, 'REST_USE_JWT', False):
+ from rest_framework_jwt.settings import api_settings as jwt_settings
+ if jwt_settings.JWT_AUTH_COOKIE:
+ from datetime import datetime
+ expiration = (datetime.utcnow() + jwt_settings.JWT_EXPIRATION_DELTA)
+ response.set_cookie(jwt_settings.JWT_AUTH_COOKIE,
+ self.token,
+ expires=expiration,
+ httponly=True)
+ return response
 def post(self, request, *args, **kwargs):
 self.request = request
From 46fd16700a9e64fc23d843a9c3ff8c1798d60cd0 Mon Sep 17 00:00:00 2001
From: Grigoriy Beziuk
Date: Fri, 30 Jun 2017 14:23:56 +0300
Subject: [PATCH 2/2] also for cookie deletion
---
 rest_auth/views.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/rest_auth/views.py b/rest_auth/views.py
index 290c837..20175b0 100644
--- a/rest_auth/views.py
+++ b/rest_auth/views.py
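Review bot: The `response.set_cookie(...)` call added to LoginView.get_response in PATCH 1/2 marks the JWT cookie `httponly` but not `secure`, so a browser will also send the token over plain HTTP; add `secure=self.request.is_secure(),` (or drive it from a project setting) next to `httponly=True`. Once the token travels in a cookie the browser attaches it to cross-site requests automatically, so if the JWT authentication class accepts this cookie (not visible here), state-changing endpoints need CSRF protection that header-based JWT did not. The token is presumably still returned in `serializer.data` as well, in which case `httponly` alone does not keep it away from page scripts. get_response starts above the hunk.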
@@ -133,8 +133,13 @@ class LogoutView(APIView):
 django_logout(request)
- return Response({"detail": _("Successfully logged out.")},
- status=status.HTTP_200_OK)
+ response = Response({"detail": _("Successfully logged out.")},
+ status=status.HTTP_200_OK)
+ if getattr(settings, 'REST_USE_JWT', False):
+ from rest_framework_jwt.settings import api_settings as jwt_settings
+ if jwt_settings.JWT_AUTH_COOKIE:
+ response.delete_cookie(jwt_settings.JWT_AUTH_COOKIE)
+ return response
 class UserDetailsView(RetrieveUpdateAPIView):
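Review bot: `response.delete_cookie(jwt_settings.JWT_AUTH_COOKIE)` in the LogoutView hunk only removes the browser's copy; nothing visible here revokes the JWT, so a token copied before logout presumably keeps authenticating until it expires. That limit deserves a comment above the call, e.g. `# Clears the cookie only; the JWT itself stays valid until JWT_EXPIRATION_DELTA elapses.` If `path` or `domain` are ever passed to the login `set_cookie`, the same values must be passed here or the cookie will not be cleared. The `REST_USE_JWT` / `JWT_AUTH_COOKIE` check is now duplicated in both views and could live in one helper. The logout method starts above the hunk.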