Code

Opened 8 years ago

Closed 5 years ago

#903 closed enhancement (fixed)

change login_required

Reported by: Dagur Owned by: adrian
Component: contrib.auth Version: master
Severity: minor Keywords: decorators login_required login_url
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: yes Patch needs improvement: no
Easy pickings: UI/UX:

Description

The way it is now the login_required decorator only redirects to /accounts/login

I want to be able to change this so I don't have to change my mod_python settings just to make /accounts urls handled by Django.

Attachments (1)

patch_login_required.diff (3.6 KB) - added by vbmendes 5 years ago.
Adds login_url parameter for login_required decorator and redirect_field_name parameter for permission_required decorator.

Download all attachments as: .zip

Change History (8)

comment:1 Changed 8 years ago by adrian

  • Resolution set to fixed
  • Status changed from new to closed

(In [1440]) Fixed #903 -- Added login_url argument to user_passes_test view decorator. Didn't add it to login_required decorator because that would turn login_required into a callable decorator, which would break backwards compatibility.

comment:2 Changed 8 years ago by adrian

I added a login_url argument to the user_passes_test view decorator. See the new docs at http://www.djangoproject.com/documentation/authentication/#limiting-access-to-logged-in-users-that-pass-a-test .

comment:3 Changed 8 years ago by Dagur

why is backwards compatibility an issue? :-/

comment:4 Changed 8 years ago by umbrae@…

  • Resolution fixed deleted
  • Status changed from closed to reopened

This doesn't actually fix the problem with login_required.

As a previous user suggested somewhere else, perhaps a different approach that would save backwards compatibility would be to allow LOGIN_URL to be settable in settings.py.

For now, the best workaround would be to create your own decorator:

 from django.contrib.auth.decorators import user_passes_test
 login_needed = user_passes_test(lambda u: not u.is_anonymous(), login_url='/login/')

A fix should still be looked into however - it works as a workaround, but shouldn't be a hard and fast solution.

comment:5 Changed 8 years ago by adrian

  • Resolution set to fixed
  • Status changed from reopened to closed

If the current behavior is an issue, see the comment by umbrae@gmail.com for a workaround.

comment:6 Changed 5 years ago by vbmendes

  • Component changed from Core framework to Authentication
  • Has patch set
  • Keywords decorators login_required login_url added
  • Needs tests set
  • Resolution fixed deleted
  • Status changed from closed to reopened
  • Version set to SVN

I am reopening this ticket becouse I don't see a reason for not adding login_url parameter for login_required decorator. It is already callable, and already takes parameters (redirect_field_name). So, why not adding the login_url parameter?

I also realised that permission_required decorator doesn't accepts redirect_field_name. So, why not make a pattern for the acceptable parameters for the auth decorators?

I wrote a patch to create this pattern. Now all three decorators accepts login_url and redirect_field_name. permission_required requires an extra parameter (perm) and user_passes_test requires test_func.

In login_required, the parameters order is different becouse of backwards compatibility, since you can do this expecting 'redirect_to' to be the redirect_field_name:

@login_required('redirect_to')
def my_view(request):

# ...

Changed 5 years ago by vbmendes

Adds login_url parameter for login_required decorator and redirect_field_name parameter for permission_required decorator.

comment:7 Changed 5 years ago by jacob

  • Resolution set to fixed
  • Status changed from reopened to closed

Please don't reopen tickets closed by a committer. The correct way to revisit issues is to take it up on django-dev.

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.