id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux 19830 staff_member_required decorator should use 'admin.site.login_form' and not rene@… nobody "The staff_member_required decorator in django.contrib.admin.views checks if the user is logged in and is staff. If not it will display the admin login page instead of the decorated view. If the user is not logged in and not staff, a 'defaults' dictionary is build with the following keys: 'template_name', 'authentication_form' and 'extra_context'. The 'template_name' refers to the template to use for the login screen. The 'authentication_form' refers to the form class to use to handle the login form. The two values are now: 'admin/login.html' and 'AdminAuthenticationForm'. See the code block below: {{{ defaults = { 'template_name': 'admin/login.html', 'authentication_form': AdminAuthenticationForm, 'extra_context': { 'title': _('Log in'), 'app_path': request.get_full_path(), REDIRECT_FIELD_NAME: request.get_full_path(), }, } }}} According to this documentation: [https://docs.djangoproject.com/en/1.4/ref/contrib/admin/#root-and-login-templates] a developer can provide it's own login-template and own login-form class to handle 'admin' logins. Should the 'staff_member_required' decorator not refer to these two settings instead of the hard-coded values in the current implementation? Like this: {{{ defaults = { 'template_name': site.login_template or 'admin/login.html', 'authentication_form': site.login_form or AdminAuthenticationForm, 'extra_context': { 'title': _('Log in'), 'app_path': request.get_full_path(), REDIRECT_FIELD_NAME: request.get_full_path(), }, } }}} These is a problem in the above codeblock. The 'site' variable does not exists. I am not sure how to get a reference to the 'admin' site object. " Cleanup/optimization closed contrib.admin dev Normal duplicate staff_member_required authentication_form template_name Accepted 0 0 0 0 0 0