Opened 16 years ago

Closed 16 years ago

#7577 closed (invalid)

Small change to not display login page for logged users

Reported by: Fido Owned by:
Component: contrib.auth Version: dev
Severity: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


File django.contrib.auth.views

def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
    "Displays the login form and handles the login action."
    manipulator = AuthenticationForm()
    redirect_to = request.REQUEST.get(redirect_field_name, '')
    if request.user.is_authenticated() or request.POST:
        # Light security check -- make sure redirect_to isn't garbage.
        if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
            from django.conf import settings
            redirect_to = settings.LOGIN_REDIRECT_URL

    if request.user.is_authenticated():
         return HttpResponseRedirect(redirect_to)
    if request.POST:
        errors = manipulator.get_validation_errors(request.POST)
        if not errors:
            from django.contrib.auth import login
            login(request, manipulator.get_user())
            if request.session.test_cookie_worked():
            return HttpResponseRedirect(redirect_to)
        errors = {}

Change History (2)

comment:2 by Karen Tracey <kmtracey@…>, 16 years ago

Resolution: invalid
Status: newclosed

Please see for the correct way to submit patches. A block of code in the description makes it very hard to see what you are proposing to change, exactly. A diff against the existing code makes it much clearer.

This particular code has been converted to use newforms as part of the newforms-admin work, so it's doubtful the version you have posted will be changed. If you want to proceed with proposing this change, please produce a diff against the newforms-admin version of the code.

You have also neglected to include any description of the overall problem you are trying to solve. How does one get into the situation where login is called for an already-authenticated user? What then happens that you are trying to avoid? From the summary description I guess it has something to do with re-display of the login page but without a step-by-step account of how you ran into the problem situation its hard to evaluate the proposed fix.

Note: See TracTickets for help on using tickets.
Back to Top