diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py index fd756e33f2..7791d9a7fd 100644 --- a/django/contrib/auth/views.py +++ b/django/contrib/auth/views.py @@ -133,6 +133,10 @@ class LogoutView(SuccessURLAllowedHostsMixin, TemplateView): return HttpResponseRedirect(next_page) return super().dispatch(request, *args, **kwargs) + def post(self, request, *args, **kwargs): + """Logout may be done via POST.""" + return self.get(request, *args, **kwargs) + def get_next_page(self): if self.next_page is not None: next_page = resolve_url(self.next_page) diff --git a/docs/releases/1.11.5.txt b/docs/releases/1.11.5.txt index f650fe4b5a..baa327bc02 100644 --- a/docs/releases/1.11.5.txt +++ b/docs/releases/1.11.5.txt @@ -23,3 +23,6 @@ Bugfixes requires an update to Oracle tables created with Django 1.11.[1-4]. Use the upgrade script in :ticket:`28451` comment 8 to update sequence and trigger names to use the pre-1.11 naming scheme. + +* Added POST request support to ``LogoutView``, for equivalence with the + function-based ``logout()`` view (:ticket:`28513`). diff --git a/tests/auth_tests/test_views.py b/tests/auth_tests/test_views.py index 354eea7899..4e704cb76a 100644 --- a/tests/auth_tests/test_views.py +++ b/tests/auth_tests/test_views.py @@ -922,6 +922,12 @@ class LogoutTest(AuthViewsTestCase): self.assertContains(response, 'Logged out') self.confirm_logged_out() + def test_logout_with_post(self): + self.login() + response = self.client.post('/logout/') + self.assertContains(response, 'Logged out') + self.confirm_logged_out() + def test_14377(self): # Bug 14377 self.login()