Fix LogoutSerializer for JWT/dj_rest_auth #1392

Author: tfranzel

drf_spectacular/contrib/rest_auth.py

@@ -78,10 +78,9 @@ def view_replacement(self):
 
         if (
             get_use_jwt()
-            and getattr(settings, 'SIMPLE_JWT', {}).get('BLACKLIST_AFTER_ROTATION', False)
             and 'rest_framework_simplejwt.token_blacklist' in settings.INSTALLED_APPS
+            and not get_dj_rest_auth_setting('JWT_AUTH_HTTPONLY', 'JWT_AUTH_HTTPONLY')
         ):
-
             class LogoutSerializer(serializers.Serializer):
                 refresh = serializers.CharField(required=True, allow_blank=False)
 

tests/contrib/test_rest_auth.py

@@ -82,7 +82,8 @@ class XViewset(viewsets.ModelViewSet):
 
 
 @pytest.mark.contrib('dj_rest_auth', 'rest_framework_simplejwt')
-@mock.patch('dj_rest_auth.app_settings.api_settings.USE_JWT', True, create=True)
+@mock.patch('dj_rest_auth.app_settings.api_settings.USE_JWT', True)
+@mock.patch('dj_rest_auth.app_settings.api_settings.JWT_AUTH_HTTPONLY', False)
 def test_rest_auth_token_blacklist(no_warnings, settings):
     # flush module import cache to re-evaluate conditional import
     import dj_rest_auth.urls
@@ -92,15 +93,13 @@ def test_rest_auth_token_blacklist(no_warnings, settings):
         'rest_framework_simplejwt',
         'rest_framework_simplejwt.token_blacklist',
     )
-    settings.SIMPLE_JWT = {
-        'BLACKLIST_AFTER_ROTATION': True
-    }
-
     urlpatterns = [
         path('rest-auth/', include('dj_rest_auth.urls')),
     ]
     schema = generate_schema(None, patterns=urlpatterns)
-    assert get_request_schema(schema['paths']['/rest-auth/logout/']['post'])['$ref'] == '#/components/schemas/Logout'
+    assert get_request_schema(schema['paths']['/rest-auth/logout/']['post'])['$ref'] == (
+        '#/components/schemas/Logout'
+    )
     assert schema['components']['schemas']['Logout'] == {
         'type': 'object',
         'properties': {