I'm still a novice and I'm not sure how I should setup the profile page for users. The django.contrib.auth.views.login will redirect to a accounts/profile page, but how should I actually set this up?
Is it common to just define accounts/profile in urls.py and have it redirect to a template or is it a more complex pattern?
django.views.generic.simple.direct_to_template, {'template':'profile.html'}) where profile.html lives in PROJECT_ROOT/templates/profile.html and extends base.html?
You can either set up a view/url that points to accounts/profile, or you can tell Django to redirect somewhere else after login by setting the LOGIN_REDIRECT_URL param in your settings.py.
There are some reusable apps out there for handing common profile page functionality, take a look at https://bitbucket.org/ubernostrum/django-profiles/wiki/Home or http://code.google.com/p/django-profile/
Related
When I attempt to access my wagtail back-office at /cms/, I get redirected to wagtail's login page, /cms/login/.
However, I would like to use my own custom login, which is default for the rest of the site, and sits at /auth/.
My LOGIN_URL is already set to /auth/ in django settings.
EDIT : it's been suggested that this is a generic question of how do you override namespaced url patterns but this is not the case. The urls are not namespaced, and I was looking for wagtail functionality that adressed this specific issue. Fortunately, that functionality does exist.
WAGTAIL_FRONTEND_LOGIN_URL suggested above is specifically intended just for front end users and there is not an equivalent setting for admin users. You could use redirect_to_login like so:
from django.contrib.auth.views import redirect_to_login
from django.urls import reverse
from wagtail.admin import urls as wagtailadmin_urls
def redirect_to_my_auth(request):
return redirect_to_login(reverse('wagtailadmin_home'), login_url='myauth:login')
urlpatterns = [
url(r'^cms/login', redirect_to_my_auth, name='wagtailadmin_login'),
url(r'^cms/', include(wagtailadmin_urls)),
]
The Wagtail setting WAGTAIL_FRONTEND_LOGIN_URL allows you to configure how users login to the Wagtail admin.
From http://docs.wagtail.io/en/v1.10.1/advanced_topics/privacy.html#setting-up-a-login-page:
If the stock Django login view is not suitable - for example, you wish to use an external authentication system, or you are integrating Wagtail into an existing Django site that already has a working login view - you can specify the URL of the login view via the WAGTAIL_FRONTEND_LOGIN_URL setting
To elaborate on Erick M's answer, since this is the working answer:
You do need to set the correct permission (wagtailadmin.access_admin) or set the is_superuser flag in Django's auth_user database table to be able to access the CMS, otherwise you still get a "permission denied" error.
I thought this had to do with my implementation, but it was already working, but failed because of the above reason.
I would like to have a Django Backend to handle Login : it would be a classic template generated from Django. The main difference is that once the user is logged in, I want django to redirect him to a Single Page App (page served by nginx or an other component but not by Django).
The idea is to have one git repo for my backend, and one git repo for my frontend. I don't want to mix Django templating with my Javascript App (ie AngularJS or React).
Is it possible to proceed like this ? (The main idea is to prevent users who can't login to have access to the SPA app.js file, this file will not be accessible from the classic template django login page)
I don't understand clearly the whole issue but if you just want to prevent unlogged visitors to come to a specific view (page) :
from django.http import HttpResponseRedirect
def access_limited_page(request):
if not request.user.is_authenticated():
# Forced Redirection
return HttpResponseRedirect('/index')
else:
# Welcome to the VIP zone
…
You can assign settings.LOGIN_REDIRECT_URL to the url of your Single Page App. Then just use standard login view from django.
While user logged in, django will redirect to settings.LOGIN_REDIRECT_URL.
I'm using userena for handling the users' profiles. I created an app that override some of userena views and urls.
In particular I've created two different signup forms, so now I have two separate urls:
url(r'^signup/customer/$',....
url(r'^signup/owner/$',...
The original userena signup form was accessible at r'^signup/$'.
Question: How do I override the userena original signup url in order to make it unavailable?
The original url should not be accessible to anyone, so I guess Django should show a 404 page.
In your root urls.py conf, just override the url which you want to disable and direct it to Django 404 (page not found) view:
from django.views.defaults import page_not_found
url(r'^signup/$',
page_not_found,
name='userena_signup'),
If you are already overriding some views and URLs, you could override the signup URL with a view that just returns a 404 response.
I'm trying to use the admin login mechanisms in Django, and redirect to the requested page, and I'm getting a 404 as it's trying to redirect to the url posted, not to the url represented by the next parameter. I'm obviously not understanding something, because when I step through the contrib.auth.login view, it's not parsing the next parameter at all. For example, I have the following view (the main page of the site)
#login_required(login_url='/sdc/admin/login')
def cb_index(request):
#snip
return render_to_response('chargeback_base.html', variables)
So when I enter the url for the cb_index view, /sdc/chargeback/, it properly redirects to the login page, with the next variable set to /sdc/chargeback/, as shown below.
http://localhost:8000/sdc/admin/login/?next=/sdc/chargeback/
The default login view though, from contrib.auth.views, uses that complete url as the redirect_to not the next parameter, so I always get a 404 instead of being redirected to the next url. I can fix it by adding
redirect_to = request.GET.get('next','')
to the POST section of the view, but I thought this was supposed to be built in functionality and it's not working. And more to the point, since this is an edit to the base view, I have to remember to fix this every time I update, which I don't want to do. What am I not understanding?
EDIT:
Login url follows the admin site urls
url(r'^sdc/admin/', include(admin.site.urls)),
The login template is the included login template from the admin site, no changes.
The django auth app has a login view, which you should explicitly include in your url patterns directly.
(r'^accounts/login/$', 'django.contrib.auth.views.login', name='login'),
See the docs on auth views for more information. You don't need to choose /accounts/login/ as your login url. I just want to make it clear that this view is separate from the admin app.
Update LOGIN_URL='/accounts/login/' in your settings, then you don't have to use the login_url parameter when you use the login_required decorator.
Currently, /sdc/admin/login/ is handled by the admin app, but the admin app does provide a login view for this purpose. If you step through the code, you can see that the AdminSite.login method handles the request. This method sets REDIRECT_FIELD_NAME (in your case 'next')to the request path, then calls the auth login view.
I am making a custom administration page in Django. I do not want to reinvent the wheel and thus want to use Django admin login form for the staff to log in and redirect them to /my-url/ afterwards.
However, I can't find the way to redirect user to a custom url after successful login at /admin/.
since I stumbled across the same problem, I noticed the url of the the default login page:
/admin/login/?next=/admin/
so I changed the login page link to
/admin/login/?next=/
to point to the main page
works for the logout page too, nice and simple
I had the same issue.
Instead of redirect after login I used the #staff_member_required decorator
for my view /my-url/ which redirects to the admin login
from django.contrib.admin.views.decorators import staff_member_required
#staff_member_required
def test_list(request):
return HttpResponse('TEST')
If class based views is used check out the method_decorator
The Django auth app comes with a login view which you can hook up to /accounts/login/ or any other url you choose. You can probably use the admin's login template admin/login.html if you don't want to write your own.
By using the login view, the LOGIN_REDIRECT_URL parameter will work. The purpose of the /admin/ page is to display the admin index. I would avoid trying to use it as the login page.
Set LOGIN_REDIRECT_URL in your settings.py file. Documented here.
If you have ?next= parameter set is not enough to set LOGIN_REDIRECT_URL in you setting.py. You need to also handel this parameter. As say docs (https://docs.djangoproject.com/en/4.1/ref/settings/#login-redirect-url):
LOGIN_REDIRECT_URL
Default: '/accounts/profile/'
The URL or named URL pattern where requests are redirected after login
when the LoginView doesn’t get a next GET parameter.
In my case I just set REDIRECT_FIELD_NAME = "" instead of REDIRECT_FIELD_NAME = "next" in my django.contrib.auth and it works fine.