21👍
Solved It! It was because of BasicAuthentication being enabled. I guess i logged in via HTTP login in browser and logout doesnt seem to work for that.I removed BasicAuthentication and everything seems to work fine now.
5👍
I encountered this problem today and solved it by changing the order to the following:
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.TokenAuthentication',
),
- Django Test Run Environment error: no enough space left on disk
- Django – Function inside a model. How to call it from a view?
- Pycharm + Django 1.3 + STATIC_URL in templates = Unresolved static reference
- Django easy-thumbnails vs sorl-thumbnail differences
4👍
Actually logout is working, but during the redirect (to a view that requires authentication, because we use permission IsAuthenticated) at the end of logout, BasicAuth auth the request again using cached HTTP authentication header information:
auth = request.META.get('HTTP_AUTHORIZATION', b'')
So like OP said, we can disable BasicAuth and use SessionAuth only. But the thing is, we sometimes may need to access API without GUI, we can use TokenAuth instead. Since BasicAuth/TokenAuth is not so secure anyway (https://www.rfc-editor.org/rfc/rfc2617), it might be better that we use OAuth2 or other more secure auth schemes. It depends on the demands anyway.
- Redirect if already logged in through Django urls?
- Django GROUP BY strftime date format
- Django test client response context None