PapaTutuWawa/etesync-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Logout: allow any authenticated user (instead of normal permissions).

Browse Source 
We should always allow users to log out if they are authenticated. This
doesn't need to use the global permissions.
This commit is contained in:
Tom Hacohen 2020-10-13 12:09:29 +03:00
parent 47f3e08846
commit c7bd01b2d1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
django_etebase/views.py
View File

@ -756,7 +756,7 @@ class AuthenticationViewSet(viewsets.ViewSet):
return Response(data, status=status.HTTP_200_OK) return Response(data, status=status.HTTP_200_OK)
@action_decorator(detail=False, methods=['POST'], permission_classes=BaseViewSet.permission_classes) @action_decorator(detail=False, methods=['POST'], permission_classes=[IsAuthenticated])
def logout(self, request, *args, **kwargs): def logout(self, request, *args, **kwargs):
request.auth.delete() request.auth.delete()
user_logged_out.send(sender=request.user.__class__, request=request, user=request.user) user_logged_out.send(sender=request.user.__class__, request=request, user=request.user)