Skip to content

Commit

Permalink
feat: support for admin logout in django 5.0
Browse files Browse the repository at this point in the history
- use POST for social auth logout on Django admin login page
- django admin site returns logoutview response instead of redirect

Django 5.0 has removed the ability to log out via GET requests
in the django.contrib.auth.views.LogoutView
and django.contrib.auth.views.logout_then_login().

Refs: HP-2280, https://docs.djangoproject.com/en/5.0/releases/5.0/
  • Loading branch information
charn committed Mar 14, 2024
1 parent 29e4b2a commit b031c80
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 9 deletions.
10 changes: 5 additions & 5 deletions helusers/admin_site.py
Original file line number Diff line number Diff line change
@@ -1,13 +1,11 @@
import django
from django.apps import apps
from django.contrib import admin
from django.conf import settings
from django.contrib import admin
from django.core.exceptions import ImproperlyConfigured
from django.http import HttpResponseRedirect
from django.urls import reverse
from django.urls import resolve, reverse
from django.utils.translation import gettext_lazy as _


if hasattr(settings, 'SITE_TYPE'):
if settings.SITE_TYPE not in ('dev', 'test', 'production'):
raise ImproperlyConfigured("SITE_TYPE must be either 'dev', 'test' or 'production'")
Expand Down Expand Up @@ -73,8 +71,10 @@ def each_context(self, request):

def logout(self, request, extra_context=None):
if request.session and request.session.get('social_auth_end_session_url'):
# This will allow e.g. to use a subclassed logout view
logout_url = reverse('helusers:auth_logout')
return HttpResponseRedirect(logout_url)
view, args, kwargs = resolve(logout_url)
return view(request, *args, **kwargs)
return super().logout(request, extra_context)


Expand Down
11 changes: 7 additions & 4 deletions helusers/templates/admin/hel_login.html
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{% extends "admin/login.html" %}
{% load static %}
{% load i18n static %}

{% block extrastyle %}
{{ block.super }}
Expand Down Expand Up @@ -33,9 +33,12 @@
{{ block.super }}

{% if request.user and request.user.is_authenticated and helsinki_logout_url %}
<a href="{{ helsinki_logout_url }}">
<button style="margin-left: 9em; width: auto;" class="button grp-button grp-default" type="button">Kirjaudu ulos</button>
</a>
<form id="logout-form" method="post" action="{{ helsinki_logout_url }}">
{% csrf_token %}
<div class="submit-row">
<input type="submit" value="{% translate "Log out" %}">
</div>
</form>
{% endif %}

{% if grappelli_installed %}
Expand Down

0 comments on commit b031c80

Please sign in to comment.