
Logout in Django Rest Framework

I can't get user logout to work.

Here is the code. I call the endpoint from the command line with: curl -d "" POST http://127.0.0.1:8001/api/v1/users/settings/logout/

But the response is a 401 error, {"detail": "Authentication credentials were not provided."}, although the user is logged in.

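@action(detail=False, methods=['post'])
def logout(self, request):
    """Log the requesting user out and return a 200 confirmation.

    Deletes the user's ``auth_token`` (the token row used by DRF's
    TokenAuthentication) when one exists, then calls Django's ``logout`` for
    this request.

    NOTE(review): the project shown on this page authenticates with
    ``rest_framework_jwt``. A JWT is not the ``auth_token`` row deleted here,
    so a JWT already handed to a client presumably stays usable until it
    expires; revoking it needs a server-side denylist or short token
    lifetimes. Confirm which authentication classes this view uses.
    """
    try:
        # The token is a credential, so it is deliberately not printed:
        # debug output ends up in console and log files.
        request.user.auth_token.delete()
    except AttributeError:
        # No ``auth_token`` to delete (e.g. an anonymous user); logging out
        # is still allowed to proceed.
        pass

    # Imported under an alias because this method is itself named ``logout``.
    from django.contrib.auth import logout as django_logout
    django_logout(request)

    return Response({"success": _("Successfully logged out.")},
                    status=status.HTTP_200_OK)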

It seems the function is never even called.

from django.contrib.auth import get_user_model

from rest_framework_jwt.authentication import JSONWebTokenAuthentication
from rest_framework import exceptions

from .utils import provide_user_to_sentry


class UserIdAuthenticateMixin:
    """Mixin that maps a decoded JWT payload to a user by primary key."""

    def authenticate_credentials(self, payload):
        """
        Look up the user named by ``payload['user_id']`` and return it if active.

        The payload is used as given: no signature or expiry check happens
        here, so only an already verified payload should be passed in.
        Raises ``AuthenticationFailed`` when the id is missing or falsy, when
        no user has that primary key, or when the account is inactive.
        """
        user_model = get_user_model()
        uid = payload.get('user_id')

        if not uid:
            raise exceptions.AuthenticationFailed('Invalid payload.')

        try:
            account = user_model.objects.get(pk=uid)
        except user_model.DoesNotExist:
            # Same message as a bad token, so the response does not say
            # outright that the account is missing.
            raise exceptions.AuthenticationFailed('Invalid signature.')

        if account.is_active:
            return account

        raise exceptions.AuthenticationFailed('User account is disabled.')


class JSONWebTokenSentryAuthentication(UserIdAuthenticateMixin, JSONWebTokenAuthentication):
    """``JSONWebTokenAuthentication`` that also tells Sentry who authenticated.

    After the parent class authenticates a request, the request and the user
    are handed to ``provide_user_to_sentry`` (per the original author, so that
    the user id and IP address are available to Sentry for later logging).
    An unauthenticated request is passed through untouched.

    The token is expected in the "Authorization" HTTP header, preceded by the
    prefix configured in the `JWT_AUTH_HEADER_PREFIX` setting, e.g.:

        Authorization: JWT eyJhbGciOiAiSFMyNTYiLCAidHlwIj
    """
    def authenticate(self, request):
        auth_result = super().authenticate(request)
        if auth_result is not None:
            # The parent returns a (user, token) pair; only the user is reported.
            authenticated_user, _token = auth_result
            provide_user_to_sentry(request, authenticated_user)
        return auth_result


class UserIdJSONWebTokenAuthentication(UserIdAuthenticateMixin, JSONWebTokenAuthentication):
    """``JSONWebTokenAuthentication`` that resolves the user by id.

    Adds no code of its own: ``UserIdAuthenticateMixin`` comes first in the
    bases, so its ``authenticate_credentials`` (lookup by the payload's
    ``user_id``) is the one used.

    The token is expected in the "Authorization" HTTP header, preceded by the
    prefix configured in the `JWT_AUTH_HEADER_PREFIX` setting, e.g.:

        Authorization: JWT eyJhbGciOiAiSFMyNTYiLCAidHlwIj
    """


Answers (1)


Authorization

After this request I get a token for the user:

# Login call; per the author, the response to this request carries the user's token.
curl -H "Authorization: JWT Token" -d "[email protected]&password=password" POST 'http://127.0.0.1:8001/api/v1/users/login/'

Logout view

@action(detail=False, methods=['post'])
def logout(self, request):
    """POST action: delete the user's ``auth_token``, log out, return 200.

    The response has no body. A missing token is not treated as an error.

    NOTE(review): the logout request on this page authenticates with an
    ``Authorization: JWT ...`` header. A JWT is not the ``auth_token`` row
    deleted here, so the JWT presumably stays valid until it expires;
    revoking it needs a server-side denylist or short token lifetimes.
    Confirm which authentication classes this view uses.
    """
    try:
        # ``auth_token`` is the token row used by DRF's TokenAuthentication.
        request.user.auth_token.delete()
    except (AttributeError, ObjectDoesNotExist):
        # No token to delete for this user; continue with the logout.
        pass

    django_logout(request)
    return Response(status=status.HTTP_200_OK)

Logout request

# Same call as in the question, now with the Authorization header; the question's
# request carried no credentials and was answered with 401.
curl -d "" -H "Authorization: JWT Token" POST 'http://127.0.0.1:8001/api/v1/users/settings/logout/'
