You need to set the permission_classes class

from rest_framework.generics import GenericAPIView
from rest_framework.permissions import IsAuthenticated


class Logout(GenericAPIView):
    permission_classes = [IsAuthenticated]
    authentication_classes = [YourAuthClass] 

    def get(self, request, format=None):
        # simply delete the token to force a login
        request.user.auth_token.delete()
        return Response(status=status.HTTP_200_OK)

Note: You may need to set authentication_classes as well if you didn’t set a default class.