Merge branch '#1392'

Author: tfranzel

drf_spectacular/contrib/rest_auth.py

@@ -23,17 +23,19 @@ def get_dj_rest_auth_setting(class_name, setting_name):
         return getattr(api_settings, setting_name)
 
 
-def get_token_serializer_class():
+def get_use_jwt():
     from dj_rest_auth.__version__ import __version__
 
     if get_version_tuple(__version__) < (3, 0, 0):
-        use_jwt = getattr(settings, 'REST_USE_JWT', False)
+        return getattr(settings, 'REST_USE_JWT', False)
     else:
         from dj_rest_auth.app_settings import api_settings
 
-        use_jwt = api_settings.USE_JWT
+        return api_settings.USE_JWT
+
 
-    if use_jwt:
+def get_token_serializer_class():
+    if get_use_jwt():
         return get_dj_rest_auth_setting('JWTSerializer', 'JWT_SERIALIZER')
     else:
         return get_dj_rest_auth_setting('TokenSerializer', 'TOKEN_SERIALIZER')
@@ -74,12 +76,26 @@ def view_replacement(self):
         else:
             get_schema_params = {'exclude': True}
 
+        if (
+            get_use_jwt()
+            and 'rest_framework_simplejwt.token_blacklist' in settings.INSTALLED_APPS
+            and not get_dj_rest_auth_setting('JWT_AUTH_HTTPONLY', 'JWT_AUTH_HTTPONLY')
+        ):
+            class LogoutSerializer(serializers.Serializer):
+                refresh = serializers.CharField(required=True, allow_blank=False)
+
+            post_request_class = LogoutSerializer
+        else:
+            post_request_class = None
+
         class Fixed(self.target_class):
             @extend_schema(**get_schema_params)
             def get(self, request, *args, **kwargs):
                 pass  # pragma: no cover
 
-            @extend_schema(request=None, responses=RestAuthDetailSerializer)
+            @extend_schema(
+                request=post_request_class, responses=RestAuthDetailSerializer
+            )
             def post(self, request, *args, **kwargs):
                 pass  # pragma: no cover
 

tests/contrib/test_rest_auth.py

@@ -6,7 +6,7 @@
 from django.urls import include, path
 from rest_framework import viewsets
 
-from tests import assert_schema, generate_schema
+from tests import assert_schema, generate_schema, get_request_schema
 from tests.models import SimpleModel, SimpleSerializer
 
 try:
@@ -79,3 +79,35 @@ class XViewset(viewsets.ModelViewSet):
         'jwtCookieAuth': {'type': 'apiKey', 'in': 'cookie', 'name': 'jwt-session'},
         'jwtHeaderAuth': {'type': 'http', 'scheme': 'bearer', 'bearerFormat': 'JWT'}
     }
+
+
+@pytest.mark.contrib('dj_rest_auth', 'rest_framework_simplejwt')
+@mock.patch('dj_rest_auth.app_settings.api_settings.USE_JWT', True)
+@mock.patch('dj_rest_auth.app_settings.api_settings.JWT_AUTH_HTTPONLY', False)
+def test_rest_auth_token_blacklist(no_warnings, settings):
+    # flush module import cache to re-evaluate conditional import
+    import dj_rest_auth.urls
+    reload(dj_rest_auth.urls)
+
+    settings.INSTALLED_APPS += (
+        'rest_framework_simplejwt',
+        'rest_framework_simplejwt.token_blacklist',
+    )
+    urlpatterns = [
+        path('rest-auth/', include('dj_rest_auth.urls')),
+    ]
+    schema = generate_schema(None, patterns=urlpatterns)
+    assert get_request_schema(schema['paths']['/rest-auth/logout/']['post'])['$ref'] == (
+        '#/components/schemas/Logout'
+    )
+    assert schema['components']['schemas']['Logout'] == {
+        'type': 'object',
+        'properties': {
+            'refresh': {
+                'type': 'string',
+            },
+        },
+        'required': [
+            'refresh',
+        ],
+    }