Starting In django 4.1, the auth LogoutView requires a POST (not a GET) request: Is there a built-in form so I can get the CSRF?

Question

As of Aug 23, 2022 (20 days after 4.1 release), google search could not find the answer...!

So, asking on SO.

Answer 1

There is no built-in form, because the view only requires a POST request (and all POST requests require the CSRF token unless CSRF exempt), not any specific data that a form would submit.

The release notes for Django 4.1 explicitly post this example snippet for a logout POST form disguising as a link:

<form id="logout-form" method="post" action="{% url 'admin:logout' %}">
  {% csrf_token %}
  <button type="submit">{% translate "Log out" %}</button>
</form>

#logout-form {
  display: inline;
}
#logout-form button {
  background: none;
  border: none;
  cursor: pointer;
  padding: 0;
  text-decoration: underline;
}