In Django my landing page is http://127.0.0.1/ But when user request any other url like http://127.0.0.1/auth/login/?next=/project/instances/ after login he will land in the page as requested.
The problem here is when the user request for / i send the username from that respective view. If he asks for any other url the context is lost since that view will not be called.My question is in django is there a common function that is called after login.If so what is it ?
What ever the redirects may be a function or decorator should be called from where it is suppose to redirect to the view
Related
This question already has answers here:
How to pass a variable between Flask pages?
(2 answers)
Closed last year.
I am creating a web application in which there is a page (let's call it 'event' page) which is not login protected(i.e. users can see the page without logging in).
The page shows some event details to which user can select if they are attending or not by clicking appropriate button.
Upon clicking the button, user is redirected to login page since they need to login before they can choose an option.
Once the user is goes to login page, I want to redirect the user back to the 'event' page after they login. How do I do that?
If the 'event' page was login protected, I know I can use Flask 'next' to redirect user to the page they were trying to view which needs login. But how do I implement this for pages that are not login protected?
Surprisingly, I used the "session" object in Flask to solve the problem.
I was under the impression that "session" comes into play only after user has logged in, but apparently not.
When user clicked to register their response, before redirecting them to sigin page I stored the current url in the session storage like:
session['prev_url'] = request.url
Then on the signin page, after successful signin, I checked the 'prev_url' key in session, if it exists, I redirected to that page else I redirected to home page. Something like:
if session.get('prev_url') is not None:
return redirect(session.get('prev_url'))
return redirect(url_for('index'))
Django's login_required decorator requires a login before proceeding to any functionality in a view function. If a user is not logged in, they will be redirected through a login screen.
If the HTTP request is a GET, Django sometimes puts the GET destination in a parameter ("next"). Or, Django also has a LOGIN_REDIRECT_URL setting that is a URL a user is forwarded to after login.
If the HTTP request is a POST, that POST data is lost during the login process.
What is the best way to preserve the original URL and POST data for the original POST request, and re-post that data after the user is logged in?
I imagine putting something in a session, but I'd have to intercept the POST data and URL on the way through login_required. The best practice is not obvious to me.
I'm using Django-allauth , I can successfully redirect it to home page by adding this in settings.py:
LOGIN_REDIRECT_URL = '/home'
But is there anyway I can redirect it to pervious page?
What you're looking for should actually work out of the box by using the redirect field, which is next by default:
https://docs.djangoproject.com/en/3.1/topics/auth/default/#django.contrib.auth.mixins.AccessMixin.get_redirect_field_name
The view that is checking for the access permission and redirecting to the login form only needs to pass the URL the user was previously on. If that field is present, the user will be redirected to that particular page after logging in.
How are you restricting login? I assume you're not passing next? The #login_required decorator and the LoginRequiredMixin for class-based views both set next by default.
This is what the docs say about how LoginView handles POST requests:
If called via POST with user submitted credentials, it tries to log the user in. If login is successful, the view redirects to the URL specified in next. If next isn’t provided, it redirects to settings.LOGIN_REDIRECT_URL (which defaults to /accounts/profile/).
I'm trying to use the admin login mechanisms in Django, and redirect to the requested page, and I'm getting a 404 as it's trying to redirect to the url posted, not to the url represented by the next parameter. I'm obviously not understanding something, because when I step through the contrib.auth.login view, it's not parsing the next parameter at all. For example, I have the following view (the main page of the site)
#login_required(login_url='/sdc/admin/login')
def cb_index(request):
#snip
return render_to_response('chargeback_base.html', variables)
So when I enter the url for the cb_index view, /sdc/chargeback/, it properly redirects to the login page, with the next variable set to /sdc/chargeback/, as shown below.
http://localhost:8000/sdc/admin/login/?next=/sdc/chargeback/
The default login view though, from contrib.auth.views, uses that complete url as the redirect_to not the next parameter, so I always get a 404 instead of being redirected to the next url. I can fix it by adding
redirect_to = request.GET.get('next','')
to the POST section of the view, but I thought this was supposed to be built in functionality and it's not working. And more to the point, since this is an edit to the base view, I have to remember to fix this every time I update, which I don't want to do. What am I not understanding?
EDIT:
Login url follows the admin site urls
url(r'^sdc/admin/', include(admin.site.urls)),
The login template is the included login template from the admin site, no changes.
The django auth app has a login view, which you should explicitly include in your url patterns directly.
(r'^accounts/login/$', 'django.contrib.auth.views.login', name='login'),
See the docs on auth views for more information. You don't need to choose /accounts/login/ as your login url. I just want to make it clear that this view is separate from the admin app.
Update LOGIN_URL='/accounts/login/' in your settings, then you don't have to use the login_url parameter when you use the login_required decorator.
Currently, /sdc/admin/login/ is handled by the admin app, but the admin app does provide a login view for this purpose. If you step through the code, you can see that the AdminSite.login method handles the request. This method sets REDIRECT_FIELD_NAME (in your case 'next')to the request path, then calls the auth login view.
I have a login form. When login button is pressed user's homepage is displayed. But pressing browser's back button takes control back to login form.
I am using django development server.
I have tried inserting meta tags to prevent cache and django #no-cache
But it doesnt work out
The default django login page can be viewed when logged in. You could decorate the login view function and redirect the user if already logged in.
response = <the_way_you_create_response> (ie direct_to_template, HttpResponse)
response['Cache-Control'] = 'no-cache, no-store'
return response
and of course you need to check request.user.is_authenticated() in the view (and do the redirect if value is True)
In your login page you need to check if a users session exists and if it does then you should redirect the user to his homepage.
However, this can't be done with a HTML page so you need to use some kinda server side scripting language(PHP, ASP, JSP Etc) for your login page.