Opened 4 years ago

Closed 4 years ago

#31288 closed New feature (wontfix)

New ReplaceAuthMiddleware feature.

Reported by: Théo Huchard Owned by: Théo Huchard
Component: contrib.auth Version: dev
Severity: Normal Keywords: django contrib auth middleware ReplaceAuthMiddleware 3.0 ease of use for big projects
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Hello,

I have developped a new feature as a middleware that I am using for a personal project. I think it could be a great implementation for Django.

Here is an example of usage in the settings.py file:

Code highlighting: 

REPLACE_URL_IF_UNLOGGED = {
    "replace": ["index", "logout"],
    "by": "/login"
}
REPLACE_URL_IF_LOGGED = {
    "replace": ["login"],
    "by": "/"
}

The goal here is to redirect the user if he is logged or unlogged directly from the replace URL.

In my example, if the user is unlogged and trying to access the URL that was defined in urls.py like below:

Code highlighting: 

urlpatterns = [
    path('', index, name="index"),
    path('login', login.view, name='login'),
    path('logout', logout.execute, name='logout')
]

...he will automatically be redirected to the "by" element, just by checking if the user is logged or not.

So in this example, if the user is actually logged in and tries to access the login URL defined in urls.py he'll be redirected to the index URL.
And if the user is unlogged and try to access the index or logout URL, he'll be redirected to the login URL.

I thing that it might be a nice addition to the example in the doc:

Code highlighting: 

from django.contrib.auth.decorators import login_required

@login_required
def my_view(request):
    ...

...since it can ease URL redirection directly from the settings.py file instead of using decorator.

Attachments (1)

middleware.py (2.1 KB ) - added by Théo Huchard 4 years ago.
The middleware code

Download all attachments as: .zip

Change History (4)

by Théo Huchard, 4 years ago

Attachment: middleware.py added

The middleware code

comment:1 by Théo Huchard, 4 years ago

Owner: changed from nobody to Théo Huchard
Status: newassigned

comment:2 by Théo Huchard, 4 years ago

Version: 3.0master

comment:3 by Mariusz Felisiak, 4 years ago

Resolution: wontfix
Status: assignedclosed
Summary: New ReplaceAuthMiddleware featureNew ReplaceAuthMiddleware feature.

Thanks for this ticket, however I don't think that keeping in settings the list of URLs which require to be logged is something that we would like to add to Django. We've already provided multiple ways to achieve this.

Note: See TracTickets for help on using tickets.
Back to Top