I would like to know if auth.logout clears session data or i have to do it by my self.
from django.contrib.auth.decorators import login_required
from django.contrib import auth
@login_required
def logout(request):
auth.logout(request)
return redirect('base:homepage')
Something like this...
from django.contrib.auth.decorators import login_required
from django.contrib import auth
@login_required
def logout(request):
for sesskey in request.session.keys():
del request.session[sesskey]
auth.logout(request)
return redirect('base:homepage')
Thanks!
Yes. Logout flushes the session.
This is its source:
def logout(request):
"""
Removes the authenticated user's ID from the request and flushes their
session data.
"""
# Dispatch the signal before the user is logged out so the receivers have a
# chance to find out *who* logged out.
user = getattr(request, 'user', None)
if hasattr(user, 'is_authenticated') and not user.is_authenticated():
user = None
user_logged_out.send(sender=user.__class__, request=request, user=user)
request.session.flush()
if hasattr(request, 'user'):
from django.contrib.auth.models import AnonymousUser
request.user = AnonymousUser()