Hello, I have a new question about django (I post a lost of them these days^^).
Here is my situation : I have a custom login view (registered as login url in the settings) where I authenticate the users. I chose to do a custom view to be able to add messages and logging.
The authentication works well, but I have a problem with the GET parameter 'next'. It is set automatically by the views redirecting the users for authentication. It is used in my view to redirect the user after a successful login.
Here is the code :
from django.http import HttpResponse
from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect
from django.shortcuts import render_to_response
from django.utils.translation import ugettext as _
from django.contrib import messages
from django.template import RequestContext
from django.contrib.auth import authenticate, login, logout
import logging
logger = logging.getLogger("views")
def login_user(request):
"""
Displays the login form or authenticates the user if called by POST.
"""
accepted = False
next = request.GET.get('next', None)
if not request.user.is_authenticated():
if request.POST:
# Get the form data and check the user credentials
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
# Log the user in
login(request, user)
logger.info("Login of user : %s", user.username)
# Confirm the login
messages.success(request,_('Login successful. Welcome !'))
accepted = True
else:
messages.error(request,_('This account has been disabled by the administrator.'))
else:
messages.warning(request,_('The given username or password is invalid. Please try again.'))
else:
# If already authenticated
accepted = True
# Choose where to go
if accepted:
return HttpResponse(next)
if next:
return HttpResponseRedirect(next)
else:
return HttpResponseRedirect(reverse('myview'))
else:
return render_to_response('login.html',
context_instance=RequestContext(request))
The next parameter is correct when the user is accessing the login view when already authenticated (first else).
When an anonymous user tries to go to /editor/25 (for example) and is redirected to login for authentication, "next" is always None even if present in the url (it should be "/editor/25").
There should be one simple error somewhere. Maybe it has to do with authenticate() or login() (django.contrib.auth).
Thanks for your help.