#11223: logout view of authentication broken
------------------------------+---------------------------------------------
Reporter: ttsmith | Owner: nobody
Status: new | Milestone:
Component: Authentication | Version: SVN
Keywords: | Stage: Unreviewed
Has_patch: 0 | Needs_docs: 0
Needs_tests: 0 | Needs_better_patch: 0
------------------------------+---------------------------------------------
In the documentation for the authentication logout view it says that the
redirect_field_name, which defaults to 'next', will override the value for
next_page. This is not the case. The redirect_field_name works fine when
next_page is not defined, but if next_page is defined then its value we be
used even if you pass in a value with the redirect_field_name.
For example the following works fine and correctly redirect to
http://www.example.com/foo/
{{{
route: url(r'^logout/$', 'django.contrib.auth.views.logout', {} ,
name='logout')
or
route: url(r'^logout/$', 'django.contrib.auth.views.logout',
{'redirect_field_name': 'next'}, name='logout')
and
url: http://www.example.com/logout/?next=/foo/
}}}
But this doesn't and redirects the http://www.example.com/
{{{
route: url(r'^logout/$', 'django.contrib.auth.views.logout', {'next_page':
'/'}, name='logout')
or
route: url(r'^logout/$', 'django.contrib.auth.views.logout', {'next_page':
'/', 'redirect_field_name': 'next'}, name='logout')
and
url: http://www.example.com/logout/?next=/foo/
}}}
Shouldn't the function in '.../django/contrib/auth/views.py' be something
like.
{{{
def logout(request, next_page=None,
template_name='registration/logged_out.html',
redirect_field_name=REDIRECT_FIELD_NAME):
"Logs out the user and displays 'You are logged out' message."
from django.contrib.auth import logout
logout(request)
redirect_to = request.REQUEST.get(redirect_field_name, '')
if redirect_to:
return HttpResponseRedirect(redirect_to)
elif next_page is None:
return render_to_response(template_name,
{'title': _('Logged out')},
context_instance=RequestContext(request))
else:
# Redirect to this page until the session has been cleared.
return HttpResponseRedirect(next_page or request.path)
}}}
--
Ticket URL: <http://code.djangoproject.com/ticket/11223>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
