id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
11223	logout view of authentication broken	Terrell Smith	Brandon M Height	"In the documentation for the authentication logout view it says that the redirect_field_name, which defaults to 'next', will override the value for next_page.  This is not the case.  The redirect_field_name works fine when next_page is not defined, but if next_page is defined then its value we be used even if you pass in a value with the redirect_field_name.

For example the following works fine and correctly redirect to http://www.example.com/foo/

{{{
route: url(r'^logout/$', 'django.contrib.auth.views.logout', {} , name='logout')
or
route: url(r'^logout/$', 'django.contrib.auth.views.logout', {'redirect_field_name': 'next'}, name='logout')
and
url: http://www.example.com/logout/?next=/foo/
}}}

But this doesn't and redirects the http://www.example.com/

{{{
route: url(r'^logout/$', 'django.contrib.auth.views.logout', {'next_page': '/'}, name='logout')
or
route: url(r'^logout/$', 'django.contrib.auth.views.logout', {'next_page': '/', 'redirect_field_name': 'next'}, name='logout')
and
url: http://www.example.com/logout/?next=/foo/
}}}

Shouldn't the function in '.../django/contrib/auth/views.py' be something like.
{{{ 
def logout(request, next_page=None, template_name='registration/logged_out.html', redirect_field_name=REDIRECT_FIELD_NAME):
    ""Logs out the user and displays 'You are logged out' message.""
    from django.contrib.auth import logout
    logout(request)
    redirect_to = request.REQUEST.get(redirect_field_name, '')
    if redirect_to:
        return HttpResponseRedirect(redirect_to)
    elif next_page is None:
        return render_to_response(template_name, 
                                  {'title': _('Logged out')}, 
                                  context_instance=RequestContext(request))
    else:
        # Redirect to this page until the session has been cleared.
        return HttpResponseRedirect(next_page or request.path)
}}}"		closed	contrib.auth	dev		fixed		miracle2k bmheight@…	Accepted	1	0	0	0	0	0