Menu
I am not able to logout my current user from the browser mode of the rest api.
This is my settings
REST_FRAMEWORK = {
'PAGINATE_BY': 10,
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.TokenAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
),
}
Is it because i used sessions? Pls help.
The Request and response headers:
Request URL:`http://localhost:8000/api/api-auth/logout/?next=/api/city/`
Request Method:GET
Status Code:302 FOUND
Request Headers:
---------------
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Cookie:sessionid=j7qebcdjdwzwqlmep4eyq3svuial43uv; csrftoken=vK3Ghn3QFVbCe3nKx1LDZBTzM7sRiDym
Host:127.0.0.1:8000
Referer:`http://localhost:8000/api/city/`
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.71 Safari/537.36
Query String Parametersview sourceview URL encoded
next:/api/city/
Response Headers
----------------
Content-Type:text/html; charset=utf-8
Date:Mon, 15 Jul 2013 20:46:35 GMT
Location:`http://localhost:8000/api/city/`
Server:WSGIServer/0.1 Python/2.7.4
Set-Cookie:sessionid=b1x24z93dqu384lqirtv5r9npy16s0qx; expires=Mon, 29-Jul-2013 20:46:35 GMT; httponly; Max-Age=1209600; Path=/
Vary:Cookie
263
Open App Manager Settings and click on 'Force Logout', under the 'User Management' title, in the settings menu.
Logout is a noun, to be used like so: "go to the logout screen". Log out is an action, to be used like so: "you need to log out".
Click See more under “Where you're logged in). Click Log out of all sessions. You will find this option at the end of the list of devices you have logged in to. Click Log out on the popup to confirm that you want to log out on all the devices you are currently logged in.
Logout is the act of terminating an authenticated session when it's no longer needed, thus minimizing the likelihood that unauthorized parties can "take over" the session. This is typically achieved by provisioning a logout option on the user interface you provide to your users.
I encountered this problem today and solved it by changing the order to the following:
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.TokenAuthentication',
),
Solved It! It was because of BasicAuthentication being enabled. I guess i logged in via HTTP login in browser and logout doesnt seem to work for that.I removed BasicAuthentication and everything seems to work fine now.
24
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
