dj-rest-auth Logout fails with a 403 when USE_JWT is true and JWT_AUTH

Logout fails with a 403 when USE_JWT is true and JWT_AUTH_HTTPONLY is false

Open Dody56 opened this issue 4 months ago • 0 comments

Looking at the code of the LogoutView, I am surprised that when USE_JWT is true and JWT_AUTH_HTTPONLY is false, the code only searches for the refresh_token in the request data without also checking the cookies. What do you think?

Oct 19 '24 11:10 Dody56

dj-rest-auth dj-rest-auth copied to clipboard

Logout fails with a 403 when USE_JWT is true and JWT_AUTH_HTTPONLY is false

dj-rest-auth
dj-rest-auth copied to clipboard