#541 Check for refresh cookie when JWT_AUTH_HTTPONLY is True

iMerica / dj-rest-auth

Authentication for Django Rest Framework

https://dj-rest-auth.readthedocs.io/en/latest/index.html

MIT License

1.62k stars 302 forks source link

#541 Check for refresh cookie when JWT_AUTH_HTTPONLY is True #572

Closed Routhinator closed 7 months ago

Routhinator commented 7 months ago

This conditionally checks cookies for the refresh token to blacklist when black list is enabled and JWT_AUTH_HTTPONLY is true, in order to address errors when attempting to use the /auth/logout endpoint when both are enabled.

This addresses #541

Routhinator commented 7 months ago

Hmm :thinking: - failing check doesn't seem to have to do with this change.. looks like the upstream, looking at it.

Routhinator commented 7 months ago

Nope that was me :facepalm: - should be passing now.