I am using django-braces's LoginRequiredMixin in a Django 1.6 project. This mixin replicates Django's login_required decorator.
I have a view that uses the LoginRequiredMixin that has a URL like this: /spa_home/#price_requests/68. If I try to hit this URL without being logged in, the mixin correctly sends me to the login page with a request like this: /accounts/login/?next=/spa_home/#price_requests/68. Unfortunately, after successfully logging in, the URL hash fragment is left off and I am just redirected to /spa_home/.
What is the best way to fix this? Removing hash fragments from my application would be a large effort.
The issue is the way the browser interprets the login URL. You want it to be intepreted like this:
/accounts/login/?next="/spa_home/#price_requests/68"
but actually, it is seen like this:
"/accounts/login/?next=/spa_home/"#price_requests/68
In other words, the hash is seen as attaching to the login URL itself, not the redirect parameter.
The way to fix this is to quote the parameter:
urllib.quote('/spa_home/#price_requests/68')
which gives you /spa_home/%23price_requests/68, which will be interpreted correctly.
Related
I am doing a panchayath solid waste management project in django. What I want to do is, only allow Admin to add Panchayath member only if they are logged in. And I gave login_required decorator and its working fine ie when I visit the AddMember view without login in, it is getting redirected. But problem is when Admin log in and goes to AddMember view, it is also redirecting to login page. So anyone explain me the correct working of login_required??
I am rather new to Django and all of the work I have done so far has been with models/views/viewsets.. The site I am working on incorporates Django allauth for authentication. I have successfully edited/styled the login/logout templates, but the page will be accessed by people who are given credentials created in the admin section rather than signing up on their own- so the sign up page is unnecessary. I'd like to just show a 404 page anytime someone lands on the signup page. I have already removed all the links to the signup page from the other templates.
In short- how do I just redirect someone to the Django default page_not_found when they hit /accounts/signup/?
My attempts so far have revolved around editing the URLs.py file to include something like path('account_signup', page_not_found) (after importing it at the top), or some other manipulation of that line. I'm probably missing something really easy, as I have been getting a little frustrated... And I haven't found any stack overflows where someone was desiring a 404 when a user navigated to one of the allauth account pages.
In order to server 404 pages automatically for not found url, create a 404 view and then in main projects urls.py have below code
Read the Official docs
handler404 = 'mysite.views.my_custom_page_not_found_view'
For redirecting use Redirect View in django docs
from django.views.generic.base import RedirectView
url('/accounts/signup/', RedirectView.as_view(url='/', permanent=False),name='index')
Note their is 404 page for developers builts in django, but once you turn debug=False in settings for production apps,it is not visible,
You can simply not use the signup page in your urls.
On the other hand, it is bad practice to use createsuperuser to create users, since by default they will have enough privileges, even to log in to admin and edit things. The right thing to do is to create a user with some method you want, and with the permissions you give them.
This last one will allow you to use a decorator in your signup view that only allows access to that page in case you have an account with a particular privilege, and not any user. There is no point in returning a 404.
How can "http://my-domain.com/users" return a unique profile page for each user?
RedirectView in Django is normal view. It can take parameters from URL dispatcher, do some logic and decide where to redirect, based on that parameters (or even something more).
New URL can be fetched from database, built using parameters from dispatcher or even randomized.
You can also use old, function based view and simply return HttpResponseRedirect.
I'm currently using out-of-the-box django.contrib.auth to handle authentication in my Django app. This means that the user starts at a log in page and is redirected to the app on successful login. I would like to make my app single-page, including this login process, where a redirect doesn't happen, but maybe a "hot" template switch-out or some fancy client-side div magic (that still remains secure). My Google searching turned up pretty short, the closest solution dealing with putting a log in form on every page.
Any direction or ideas here would be much appreciated. I would obviously prefer to work within the existing confines of django.contrib.auth if possible, but I'm open to all solutions.
I'm not sure I understand your question completely. I think you want to have a single page. If so, put logic in your template that checks to see if the user is authenticated. If not, display a login form that POSTS to the appropriate django.contrib.auth view. You can supply an argument to this view to have it redirect back to your page. When you come back, the user will be authenticated, so you won't display the login form.
Have a look at Django-Easy-Pjax https://pypi.python.org/pypi/django-easy-pjax - it works like a charm and is well documented. Everything you like is being made with AJAX requests: links, forms using GET and forms using POST.
Essentially you only need to add a data-pjax="#id_of_the_container_where_the_result_goes" attribute in your a and form tags.
And the great thing about it: It updates the title and location bar of your browser.
One caveat: If you want to upload files in some form, this is not supported by Easy-Pjax, so you might want to use some workaround jQuery library for that.
I am facing a problem: I want to give a link in my change form that will redirect to a page which may be simple php page also or any page, in that page I want to perform some db queries and display them. I also wan to pass id on click. Is it possible?
In my view.py I wrote:
from django.shortcuts import render_to_response
from django.template import RequestContext
def MyClass(self,id,request):
return render_to_response('admin/custom_change_form.html')#my template location
My model and admin files are simple.
To send to a file directly, use direct_to_template(). You can pass anything in the url that you like - just give the information to your template, and write it in the url. After all, Django doesn't require url helpers.
I sense that whatever you're trying to do is some god-awful hackish thing that would be much better served by doing it all in Django.
You will need to override your change form for that model and display whatever you would like. But that is making the assumption you are talking about the contrib admin within Django.
Realistically you have not provided sufficient information for anyone to accurately answer your question.