Clarify behavior and documentation for login (404) and logout (405) routes

[yydsjkl]

During university software testing using Django, we encountered two issues that might confuse new users:

1. Accessing /login/ returns a 404 because Django doesn’t create a default login route.
2. Accessing /logout/ returns a 405 (Method Not Allowed) because LogoutView only allows POST.

While these are not actual bugs, they can be confusing for beginners. The documentation could be improved to explain:

• Why these responses occur.
• How to properly configure LoginView and LogoutView manually.

Suggested improvement:
Add a clarification in the Django authentication documentation
(​https://docs.djangoproject.com/en/stable/topics/auth/default/)
showing that:

• /login/ is not created automatically.
• /logout/ requires POST by design for CSRF protection.
• Example code:

  from django.contrib.auth import views as auth_views
  urlpatterns = [
      path('login/', auth_views.LoginView.as_view(template_name='login.html')),
      path('logout/', auth_views.LogoutView.as_view(next_page='/')),
  ]

[yydsjkl]

Proposed Fix

Below is a proposed fix for the login page (404) issue discussed in this ticket.
This fix demonstrates how a Django project can manually define a login route, view, and template.
It also helps clarify to new users why the default /login/ route does not exist.

# mysite/urls.py
from django.urls import path
from . import views

urlpatterns = [
    path('admin/', admin.site.urls),
    path('login/', views.login_view, name='login'),  # Added login route
]
# myapp/views.py
from django.shortcuts import render

def login_view(request):
    return render(request, 'login.html')

<!-- templates/login.html -->
<h1>Login Page</h1>
<form method="post">
  {% csrf_token %}
  <input type="text" name="username" placeholder="Username">
  <input type="password" name="password" placeholder="Password">
  <button type="submit">Login</button>
</form>