Benjamin Toueg
2018-06-26 09:29:49 UTC
Hi,
My logout endpoint requires authentication.
If I call the logout endpoint without being authenticated, it's not
registered as a hit because error HTTP 401 is raised (cf. code
<https://github.com/encode/django-rest-framework/blob/df77f7bb9d40f83d92848fd0afd5c61e281eeb48/rest_framework/views.py#L390>
)
I'm wondering if it's the expected behaviour or if we should check_throttles
before check_permissions.
(posting here b/c not really a Github issue, and too broad for
StackOverflow)
My logout endpoint requires authentication.
If I call the logout endpoint without being authenticated, it's not
registered as a hit because error HTTP 401 is raised (cf. code
<https://github.com/encode/django-rest-framework/blob/df77f7bb9d40f83d92848fd0afd5c61e281eeb48/rest_framework/views.py#L390>
)
I'm wondering if it's the expected behaviour or if we should check_throttles
before check_permissions.
(posting here b/c not really a Github issue, and too broad for
StackOverflow)
--
You received this message because you are subscribed to the Google Groups "Django REST framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-framework+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "Django REST framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-framework+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.