Closed erkesado closed 5 months ago
@erkesado Great catch! Since Django 5 the logout view only accepts post requests. This is an issue with djangocms-admin-style. I'll transfer it.
@erkesado Can I interest you in contributing a patch?
It's these lines which create a link to Django's logout view which upon clicking creates an HTML GET request to the view: https://github.com/django-cms/djangocms-admin-style/blob/1428c0d0bfb0cc22ca704982dbcabf931b997b0f/djangocms_admin_style/templates/admin/inc/branding.html#L26-L30
Since Django 5, only POST requests are accepted (before also GET). Without Javascript you'll get a POST request if you turn that <a>
tag into a small form:
<form method="POST" action="{% url 'admin:logout' %}">
{% csrf_token %}
<button type="submit">{% trans 'Log out' %} {% firstof user.get_short_name user.get_username %}</button>
</form>
Since that form should look like a menu entry, the sass files need an addition to render a <form>
-<button>
combination exactly like a <a>
link. The form element should not be visible at all (no margins, paddings, etc.), the button should be styled like a link.
What do you think?
@fsbraun Great. I'm taking this issue.
Summary
If I go to http://localhost:8000/en/admin/cms/pagecontent/ and then click Django administration > Logout user, a 405 error is raised, and "Method Not Allowed (GET): /en/admin/logout/" is printed on the console.![Screenshot from 2024-01-19 14-37-34](https://github.com/django-cms/django-cms/assets/18735647/d70adcbd-961a-4ca1-afd8-0c6acf1188fe)
But if I go to the preview mode of a page (e.g. http://localhost:8000/en/admin/cms/placeholder/object/10/preview/4/), Django administration link is replaced by example.com and then example.com > Logout user works like a charm.
Expected behavior
Django administration > Logout user should work normally like example.com > Logout user.
Actual behavior
Django administration > Logout user raises a 405 error.
Environment