From acea5a6f4e977d1350c21f0ce34509c8afde0c1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20P=C3=A9pin?= Date: Sat, 2 Oct 2021 17:02:30 +0200 Subject: [PATCH] Handle LOGOUT_URL=None in the logout view The view used to crash when `LOGOUT_URL` was not set and the user was connect via CAS. Cause: we assumed the result of `LogoutView.get_next_page()` to be a string and tried to prepend the domain name of the site to it. Fix: redirect to the CAS' logout view without any `next_page` parameter. --- authens/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/authens/views.py b/authens/views.py index a1e47da..1ff593d 100644 --- a/authens/views.py +++ b/authens/views.py @@ -145,7 +145,7 @@ class LogoutView(auth_views.LogoutView): # If the next_url is local (no hostname), make it absolute so that the user # is correctly redirected from CAS. - if not urlparse(next_page).netloc: + if next_page and not urlparse(next_page).netloc: request = self.request next_page = urlunparse( (request.scheme, request.get_host(), next_page, "", "", "")