flow chart of the login process
如图所示,我想将尚未创建全名的用户重定向到url('profile:profile_create')。
如果用户已创建完整名称,则重定向到网址('profile:profile_view')
处理流程的更好方法是什么?自定义登录视图或自定义身份验证后端?
authviews.py
class LoginView(FormView):
success_url = settings.LOGIN_REDIRECT_URL
form_class = AuthenticationForm
redirect_field_name = REDIRECT_FIELD_NAME
template_name = 'registration/login.html'
@method_decorator(sensitive_post_parameters('password'))
@method_decorator(csrf_protect)
@method_decorator(never_cache)
def dispatch(self, request, *args, **kwargs):
# Sets a test cookie to make sure the user has cookies enabled
request.session.set_test_cookie()
return super(LoginView, self).dispatch(request, *args, **kwargs)
def form_valid(self, form):
auth_login(self.request, form.get_user())
# If the test cookie worked, go ahead and
# delete it since its no longer needed
if self.request.session.test_cookie_worked():
self.request.session.delete_test_cookie()
return super(LoginView, self).form_valid(form)
def get_success_url(self):
redirect_to = self.request.GET.get(self.redirect_field_name)
if not is_safe_url(url=redirect_to, host=self.request.get_host()):
redirect_to = self.success_url
return redirect_to
get_success_url()
功能中的任何自定义都会导致不安全的请求如何解决问题?
答案 0 :(得分:1)
我无法想到您为什么需要自定义身份验证后端。顾名思义,当您想要改变Django执行身份验证的方式时,这就是你不会做的事情。
此处唯一更改的是您在登录后重定向到的位置,这仅仅是登录视图的作用。