Opened 17 years ago
Closed 16 years ago
#3407 closed (fixed)
[patch] added 'default_next' parameter to django.core.auth.views.login
| Reported by: | Owned by: | nobody | |
|---|---|---|---|
| Component: | contrib.admin | Version: | dev |
| Severity: | Keywords: | auth login next | |
| Cc: | treborhudson@… | Triage Stage: | Accepted |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
just as in #377, having default next hardcoded doesn't feel good, pythonic, etc., but a simple hack has come to remedy that:
Index: views.py
===================================================================
--- views.py (wersja 4454)
+++ views.py (kopia robocza)
@@ -8,7 +8,7 @@
from django.contrib.auth.decorators import login_required
from django.contrib.auth import LOGIN_URL, REDIRECT_FIELD_NAME
-def login(request, template_name='registration/login.html'):
+def login(request, template_name='registration/login.html', default_next='/accounts/profile/'):
"Displays the login form and handles the login action."
manipulator = AuthenticationForm(request)
redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, '')
@@ -17,7 +17,7 @@
if not errors:
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or '://' in redirect_to or ' ' in redirect_to:
- redirect_to = '/accounts/profile/'
+ redirect_to = default_next
from django.contrib.auth import login
login(request, manipulator.get_user())
request.session.delete_test_cookie()
I'm aware that it's not a generic view, but it doesn't make sense for so much to be hardcoded just for what seems purely naming reasons.
Attachments (1)
Change History (5)
Changed 17 years ago by
| Attachment: | django_auth_views_login_provide_next.diff added |
|---|
comment:1 Changed 17 years ago by
| Cc: | treborhudson@… added |
|---|
A somewhat related bug #3372 about password_change defaulting to /accounts/profile/ because it's decorated with the login_required decorator.
I think having the LOGIN_URL variable be a global_settings.py variable that can be set in settings.py would solve both.
-Rob
comment:2 Changed 17 years ago by
Sorry, I read this as /accounts/profile/ not /accounts/login/. Disregard the previous comment about LOGIN_URL solving both bugs.
This bug can be dealt with by putting a default next in the login template, but I agree that this type of logic should be in the Python code, not the template.
comment:3 Changed 17 years ago by
| Component: | Uncategorized → Admin interface |
|---|---|
| Owner: | changed from Jacob to Adrian Holovaty |
| Triage Stage: | Unreviewed → Accepted |
comment:4 Changed 16 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
This has apparently been fixed in a different fashion; the login view takes a redirect_field_name argument which looks at the URL to determine where to redirect, and falls back to settings.LOGIN_REDIRECT_URL as a default.
default_next login view parameter