flow chart of the login processdjango自定義登錄視圖和django自定義身份驗證後端之間的區別?
如圖所示,我想將尚未創建完整名稱的用戶重定向到url('profile:profile_create')。
如果用戶已經創建了一個全名,然後重定向到URL(「簡介:profile_view」)
什麼是處理過程中的更好的辦法?自定義登錄視圖還是自定義身份驗證後端?
authviews.py
class LoginView(FormView):
success_url = settings.LOGIN_REDIRECT_URL
form_class = AuthenticationForm
redirect_field_name = REDIRECT_FIELD_NAME
template_name = 'registration/login.html'
@method_decorator(sensitive_post_parameters('password'))
@method_decorator(csrf_protect)
@method_decorator(never_cache)
def dispatch(self, request, *args, **kwargs):
# Sets a test cookie to make sure the user has cookies enabled
request.session.set_test_cookie()
return super(LoginView, self).dispatch(request, *args, **kwargs)
def form_valid(self, form):
auth_login(self.request, form.get_user())
# If the test cookie worked, go ahead and
# delete it since its no longer needed
if self.request.session.test_cookie_worked():
self.request.session.delete_test_cookie()
return super(LoginView, self).form_valid(form)
def get_success_url(self):
redirect_to = self.request.GET.get(self.redirect_field_name)
if not is_safe_url(url=redirect_to, host=self.request.get_host()):
redirect_to = self.success_url
return redirect_to
在get_success_url()
功能的定製會導致不安全的要求如何我解決這個問題?
IMO第一個。使用自定義登錄視圖。 –
有沒有關於上述邏輯的參考?我是django的新人.. – Rahul
如何谷歌搜索這樣的條款:'登錄後django重定向用戶? –