apps.users.views

`CookieTokenRefreshView`

class CookieTokenRefreshView(jwt_views.TokenRefreshView)

Use the refresh token from an HTTP-only cookie and generate new pair (access, refresh)

post: This endpoint is implemented with normal non-GraphQL request because it needs access to a refresh token cookie, which is an HTTP-only cookie with a path property set; this means the cookie is never sent to the GraphQL endpoint, thus preventing us from adding it to a blacklist.

`LogoutView`

class LogoutView(TokenViewBase)

Clear cookies containing auth cookies and add refresh token to a blacklist.

post: Logout is implemented with normal non-GraphQL request because it needs access to a refresh token cookie, which is an HTTP-only cookie with a path property set; this means the cookie is never sent to the GraphQL endpoint, thus preventing us from adding it to a blacklist.

`complete`

@never_cache
@csrf_exempt
@psa("social:complete")
def complete(request, backend, *args, **kwargs)

Authentication complete view

CookieTokenRefreshView​

LogoutView​

complete​

`CookieTokenRefreshView`

`LogoutView`

`complete`