What is the proper way to logout the user via class-based view using Django Token Authentication?-CodePudding

I have my login view working perfectly, and I think the logout view should work properly as well, but everytime I click on the button to logout user, it gives error AonymousUser object has not attribute 'auth_token'.

My views.py is below:

class LoginAPIHTML(APIView):
    renderer_classes = [TemplateHTMLRenderer]
    template_name = 'accounts/login.html'

    def get(self, request):        
        serializer = LoginSerializer()
        return Response({'serializer': serializer})

    def post(self, request):
        serializer = LoginSerializer(data=request.data)
        if not serializer.is_valid():
            return Response({'serializer': serializer})
        
        user = authenticate(request, username=request.data['email'], password=request.data['password'])
        
        if user:
            Token.objects.get_or_create(user=user)
            login(request, user)
            return redirect('user')

        else:
            return redirect('login')

class LogoutAPIHTML(APIView):
    permission_classes = [IsAuthenticated]
    authentication_classes = [TokenAuthentication]

    def get(self, request):
        request.user.auth_token.delete()
        logout(request)
        return redirect('login')

and the template from where I click the logout button is below:

<body>
    <h1>Use Details</h1>
 
    {% if request.user.is_authenticated %}
    <a href="{% url 'logout' %}">
        <input type="button" value="Logout"/>
    </a>
    {% else %}
    <h2>{{ message }}</h2>
    {% endif %}
</body>

and my CustomEmailBackend is in authentication.py, and defined as below:

from django.contrib.auth import get_user_model
from django.contrib.auth.backends import ModelBackend

class CustomEmailBackend(ModelBackend):
    def authenticate(self, request, username=None, password=None, **kwargs):
        UserModel = get_user_model()
        try:
            user = UserModel.objects.get(email=username)
        except UserModel.DoesNotExist:
            return None
        else:
            if user.check_password(password):
                return user
        return None

Error details are below:

AttributeError at /logout
'AnonymousUser' object has no attribute 'auth_token'

Traceback Switch to copy-and-paste view
C:\Users\Khubaib Khawar\AppData\Local\Programs\Python\Python310\lib\site-packages\django\core\handlers\exception.py, line 55, in inner
                response = get_response(request) …
Local vars
C:\Users\Khubaib Khawar\AppData\Local\Programs\Python\Python310\lib\site-packages\django\core\handlers\base.py, line 197, in _get_response
                response = wrapped_callback(request, *callback_args, **callback_kwargs) …
Local vars
C:\Users\Khubaib Khawar\AppData\Local\Programs\Python\Python310\lib\site-packages\django\views\decorators\csrf.py, line 54, in wrapped_view
        return view_func(*args, **kwargs) …
Local vars
C:\Users\Khubaib Khawar\AppData\Local\Programs\Python\Python310\lib\site-packages\django\views\generic\base.py, line 84, in view
            return self.dispatch(request, *args, **kwargs) …
Local vars
C:\Users\Khubaib Khawar\AppData\Local\Programs\Python\Python310\lib\site-packages\rest_framework\views.py, line 509, in dispatch
            response = self.handle_exception(exc) …
Local vars
C:\Users\Khubaib Khawar\AppData\Local\Programs\Python\Python310\lib\site-packages\rest_framework\views.py, line 469, in handle_exception
            self.raise_uncaught_exception(exc) …
Local vars
C:\Users\Khubaib Khawar\AppData\Local\Programs\Python\Python310\lib\site-packages\rest_framework\views.py, line 480, in raise_uncaught_exception
        raise exc …
Local vars
C:\Users\Khubaib Khawar\AppData\Local\Programs\Python\Python310\lib\site-packages\rest_framework\views.py, line 506, in dispatch
            response = handler(request, *args, **kwargs) …
Local vars
C:\Users\Khubaib Khawar\Downloads\Meistery\Round2\backend_dev_trial_ass_r2\accounts\views.py, line 221, in get
        request.user.auth_token.delete() …
Local vars

CodePudding user response：

I think (you don' t provide the implementation of LoginSerializer) that in your login view you don' t actually create an authentication token. Try this:

from rest_framework.authtoken.models import Token


class LoginAPIHTML(APIView):
    renderer_classes = [TemplateHTMLRenderer]
    template_name = 'accounts/login.html'

    def get(self, request):        
        serializer = LoginSerializer()
        return Response({'serializer': serializer})

    def post(self, request):
        serializer = LoginSerializer(data=request.data)
        if not serializer.is_valid():
            return Response({'serializer': serializer})
        
        user = authenticate(request, username=request.data['email'], password=request.data['password'])
        
        if user:
            Token.objects.create(user=user)  # Here
            login(request, user)
            return redirect('user')

        else:
            return redirect('login')