login - django rest framework - token authentication logout

Question

Welcome To Ask or Share your Answers For Others

login - django rest framework - token authentication logout

posted Oct 7, 2021 in Technique[技术] by 深蓝 (71.8m points)

login - django rest framework - token authentication logout

I have implemented the Token Authentication according to the django rest framework Docs.

Form what I read, the Token Authentication of DRF is quite simple - one token per user, the token doesn't expire and is valid for use always (am I right?).

I understand that there are better practices out there, but for now the DRF token authentication is fine for me.

my question is- what is the best practice for logout with the normal DRF token authentication?

I mean, when the user logs out, should I delete the token from the client side? and then on login get the token again? should I delete the token and generate a new one?

Anyone with experience with this?

question from:https://stackoverflow.com/questions/30739352/django-rest-framework-token-authentication-logout

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-06T17:41:54+0000

Here's a simple view that I'm using to log out:

from rest_framework import status
from rest_framework.response import Response
from rest_framework.views import APIView

class Logout(APIView):
    def get(self, request, format=None):
        # simply delete the token to force a login
        request.user.auth_token.delete()
        return Response(status=status.HTTP_200_OK)

Then add it to your urls.py:

urlpatterns = [
    ...
    url(r'^logout/', Logout.as_view()),
]

Categories

login - django rest framework - token authentication logout

login - django rest framework - token authentication logout

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags