After pushing log out button the app is forwarding me to https://it-company-task-manager-uzrc.onrender.com/accounts/login/
But there is an empty page and after log out I'm still logged in and can do things (create task etc)
I tried to solve it in different ways, but nothing changes. You can check it by yourself: https://it-company-task-manager-uzrc.onrender.com
sidebar.html:
<li class="">
<a href="{% url 'login' %}" class="icon">
<i class="fa-solid fa-right-from-bracket"></i>
<span class="ml-4">Log out</span>
</a>
</li>
login.html:
{% extends "base.html" %}
{% load static %}
{% block login %}
<section class="login-content">
<div class="container">
<div class="row align-items-center justify-content-center height-self-center">
<div class="col-lg-8">
<div class="card auth-card">
<div class="card-body p-0">
<div class="d-flex align-items-center auth-content">
<div class="col-lg-6 bg-primary content-left">
<div class="p-3">
<h2 class="mb-2 text-white">Sign In</h2>
<p>Login to stay connected.</p>
{% if form.non_field_errors %}
{{ form.non_field_errors }}
{% endif %}
<form action="{% url 'login' %}" method="post">
{% csrf_token %}
<div class="row">
<div class="col-lg-12">
<div class="floating-label form-group">
{% if form.username.errors %}
{{ form.username.errors }}
{% endif %}
<input class="floating-input form-control" type="text" name="username" placeholder="Username">
</div>
</div>
<div class="col-lg-12">
<div class="floating-label form-group">
{% if form.password.errors %}
{{ form.password.errors }}
{% endif %}
<input class="floating-input form-control" type="password" name="password" placeholder="Password">
</div>
</div>
</div>
<input type="hidden" name="next" value="{{next}}" />
<button type="submit" class="btn btn-white">Sign In</button>
</form>
</div>
</div>
<div class="col-lg-6 content-right">
<img src="{% static 'images/login/01.png' %}" class="img-fluid image-right" alt="">
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
{% endblock %}
settings:
LOGIN_REDIRECT_URL = "/"
LOGOUT_REDIRECT_URL = "/accounts/login/"
urls:
from django.contrib import admin
from django.urls import path, include
from django.conf import settings
from django.conf.urls.static import static
from django.views.generic import RedirectView
urlpatterns = [
path("admin/", admin.site.urls),
path("accounts/", include("django.contrib.auth.urls")),
path("", RedirectView.as_view(url="tasks/", permanent=True)),
path("tasks/", include("task.urls", namespace="task")),
path("employees/", include("employee.urls", namespace="employee"))
] + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
If you're using Django 5, it's possible you're running into the same issue that is addressed in these questions:
Essentially, you can no longer access the built-in logout
view with a GET
request; you have to do it with a POST
request.
So, like willeM_ Van Onsem suggests in the first link above, you need to wrap your logout button in a small form:
<form method="post" action="{% url 'logout' %}">
{% csrf_token %}
<button type="submit">logout</button>
</form>
In my Django app, a POST
request to the Django-standard '/logout'
endpoint will log the user out and redirect to a 'logged_out.html'
template that you might already have with the rest of your registration templates (or you might be using the one that already comes with Django).