zedfrigg/bookwyrm
1
0
Fork 0
Code Activity

Merge pull request #2214 from bookwyrm-social/logout-post

Browse source 
Use POST instead of GET for logout function
This commit is contained in:
Mouse Reeve 2022-07-10 09:54:02 -07:00 committed by GitHub
commit bead43a20a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
bookwyrm/settings.py
View file

@ -11,7 +11,7 @@ from django.utils.translation import gettext_lazy as _
env = Env() env = Env()
env.read_env() env.read_env()
DOMAIN = env("DOMAIN") DOMAIN = env("DOMAIN")
VERSION = "0.4.2" VERSION = "0.4.3"
RELEASE_API = env( RELEASE_API = env(
"RELEASE_API", "RELEASE_API",

12
bookwyrm/templates/user_menu.html
View file

@ -68,9 +68,15 @@
<li class="navbar-divider" role="presentation" aria-hidden="true">&nbsp;</li> <li class="navbar-divider" role="presentation" aria-hidden="true">&nbsp;</li>
<li role="menuitem"> <li role="menuitem">
<a href="{% url 'logout' %}" class="navbar-item"> <form
{% trans 'Log out' %} name="logout"
</a> method="POST"
action="{% url 'logout' %}"
class="navbar-item"
>
{% csrf_token %}
<button type="submit">{% trans 'Log out' %}</button>
</form>
</li> </li>
</ul> </ul>
</div> </div>

2
bookwyrm/views/landing/login.py
View file

@ -77,7 +77,7 @@ class Login(View):
class Logout(View): class Logout(View):
"""log out""" """log out"""
def get(self, request): def post(self, request):
"""done with this place! outa here!""" """done with this place! outa here!"""
logout(request) logout(request)
return redirect("/") return redirect("/")