I fixed this by using set_cookie()
with a manually entered expiry date, rather than delete_cookie()
. Additionally, if I set the domain in Django, it prefixed a period which meant that it didn't match the existing cookie. I didn't enter a domain and it used the default, which worked.
On Tuesday, September 23, 2014 6:09:57 PM UTC+1, Tao Bojlen wrote:
Hi,
I'm using a custom authentication backend for my Django project, and in order to log out I have to delete a cookie that's set by the (external) authentication site.
Here is my view code:
response = django_logout(request,
next_page=post_logout_url)
response.delete_cookie('cookie_name',
domain="cookie_domain")
return response
The Set-Cookie header of the view is fine:
cookie_name=; Domain=cookie_domain; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
But the cookie isn't changed at all - it has the same value and expiry date ("end of session") as before logging out.
Does anyone have any ideas about why this is happening?
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/b0c48f1c-4757-4298-a0b0-ec960f185662%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment