Change handling for logout on GET

+ Make it require allauth
+ Add a note to docs that it’s not a recommended setting

Author: maxim-kht

docs/api_endpoints.rst

@@ -13,7 +13,7 @@ Basic
 
 - /rest-auth/logout/ (POST, GET)
 
-    .. note:: ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET (this is the exact same conf from allauth)
+    .. note:: (requires allauth) ``ACCOUNT_LOGOUT_ON_GET = True`` to allow logout using GET - this is the exact same conf from allauth. NOT recommended, see: http://django-allauth.readthedocs.io/en/latest/views.html#logout
 
     - token
 

rest_auth/views.py

@@ -94,13 +94,10 @@ class LogoutView(APIView):
     permission_classes = (AllowAny,)
 
     def get(self, request, *args, **kwargs):
-        try:
-            if allauth_settings.LOGOUT_ON_GET:
-                response = self.logout(request)
-            else:
-                response = self.http_method_not_allowed(request, *args, **kwargs)
-        except Exception as exc:
-            response = self.handle_exception(exc)
+        if 'allauth' in settings.INSTALLED_APPS and allauth_settings.LOGOUT_ON_GET:
+            response = self.logout(request)
+        else:
+            response = self.http_method_not_allowed(request, *args, **kwargs)
 
         return self.finalize_response(request, response, *args, **kwargs)