Merge pull request #2214 from bookwyrm-social/logout-post

Use POST instead of GET for logout function
This commit is contained in:
Mouse Reeve 2022-07-10 09:54:02 -07:00 committed by GitHub
commit bead43a20a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 11 additions and 5 deletions

View file

@ -11,7 +11,7 @@ from django.utils.translation import gettext_lazy as _
env = Env()
env.read_env()
DOMAIN = env("DOMAIN")
VERSION = "0.4.2"
VERSION = "0.4.3"
RELEASE_API = env(
"RELEASE_API",

View file

@ -68,9 +68,15 @@
<li class="navbar-divider" role="presentation" aria-hidden="true">&nbsp;</li>
<li role="menuitem">
<a href="{% url 'logout' %}" class="navbar-item">
{% trans 'Log out' %}
</a>
<form
name="logout"
method="POST"
action="{% url 'logout' %}"
class="navbar-item"
>
{% csrf_token %}
<button type="submit">{% trans 'Log out' %}</button>
</form>
</li>
</ul>
</div>

View file

@ -77,7 +77,7 @@ class Login(View):
class Logout(View):
"""log out"""
def get(self, request):
def post(self, request):
"""done with this place! outa here!"""
logout(request)
return redirect("/")