当用户访问需要登录的网址时。视图装饰器重定向到登录页面。在用户输入用户名和密码后,如何将用户重定向到他尝试访问的页面(“下一步”)?
def login_view(request):
template = 'pos/login.html'
form = LoginForm
if request.method == 'POST':
username = request.POST.get('username', '')
password = request.POST.get('password', '')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
messages.success(request, "You have logged in!")
return redirect('home')
else:
messages.warning(request, "Your account is disabled!")
return redirect('/login')
else:
messages.warning(request, "The username or password are not valid!")
return redirect('/login')
context = {'form': form}
return render(request, template, context)
@login_required(redirect_field_name='next', login_url='/login')
def bar(request):
template = 'pos/bar.html'
drink = OrderItem.objects.filter(product__catgory__gt=1).order_by('-created')
context = {'drink': drink}
return render(request, template, context)
<form action="/login" id="login_form" method="post" class="form-signin">
{% csrf_token %}
{{ form.as_p }}
<button class="btn btn-lg btn-primary btn-block" type="submit" value="login">Sign in</button>
<input type="hidden" name="next" value="{{next}}" />
</form>
url(r'^login', views.login_view, name='login'),
class LoginForm(AuthenticationForm):
username = forms.CharField(label="Username", required=True, max_length=30,
widget=forms.TextInput(attrs={
'class': 'form-control',
'name': 'username'}))
password = forms.CharField(label="Password", required=True, max_length=30,
widget=forms.PasswordInput(attrs={
'class': 'form-control',
'name': 'password'}))
答案 0 :(得分:5)
您可以尝试:
return redirect(self.request.GET.get('next'))
答案 1 :(得分:1)
接受的答案会检查是否有下一个参数重定向到外部站点。对于许多应用程序来说,这将是一个安全问题。 Django具有django.utils.http.is_safe_url函数形式的内置功能。可以这样使用:
from django.shortcuts import redirect
from django.utils.http import is_safe_url
from django.conf import settings
def redirect_after_login(request):
nxt = request.GET.get("next", None)
if nxt is None:
return redirect(settings.LOGIN_REDIRECT_URL)
elif not is_safe_url(
url=nxt,
allowed_hosts={request.get_host()},
require_https=request.is_secure()):
return redirect(settings.LOGIN_REDIRECT_URL)
else:
return redirect(nxt)
def my_login_view(request):
# TODO: Check if its ok to login.
# Then either safely redirect og go to default startpage.
return redirect_after_login(request)
答案 2 :(得分:0)
将next传递给登录表单,然后将该值传递给隐藏输入中的view的表单可能有些复杂。
作为替代方案,可以在此处使用django.core.cache。
通过这种方式,无需向表单传递任何额外内容或为表单提供额外的输入字段。
def login_view(request):
if request.method == 'GET':
cache.set('next', request.GET.get('next', None))
if request.method == 'POST':
# do your checks here
login(request, user)
next_url = cache.get('next')
if next_url:
cache.delete('next')
return HttpResponseRedirect(next_url)
return render(request, 'account/login.html')
答案 3 :(得分:0)
这实际上对我很不错:
from django.shortcuts import redirect
def login(request):
nxt = request.GET.get("next", None)
url = '/admin/login/'
if nxt is not None:
url += '?next=' + nxt
return redirect(url)
如果下一个URL包含下一个-调用“登录” URL,并将前一个“下一个”附加到该URL。 然后,当您登录时-您将继续之前的下一页。
在我的项目中,我制作了以下用于Swagger登录/注销的助手:
def _redirect(request, url):
nxt = request.GET.get("next", None)
if nxt is not None:
url += '?next=' + nxt
return redirect(url)
def login(request):
return _redirect(request, '/admin/login/')
def logout(request):
return _redirect(request, '/admin/logout/')
答案 4 :(得分:0)
您可以尝试通过在account / login.html模板中的“提交”按钮之前简单地添加此输入字段
<input type="hidden" name="next" value="{{ request.GET.next }}"/>
答案 5 :(得分:0)
path_redirect = request.get_full_path().split('?next=',1)
if '?next=' in request.get_full_path():# Redirecting After Login
return redirect(path_redirect[1])
else:
return redirect('index')