我们从Python开源项目中,提取了以下50个代码示例,用于说明如何使用django.contrib.auth.REDIRECT_FIELD_NAME。
def disconnect(request, backend, association_id=None): associated = request.user.social_auth.count() url = request.REQUEST.get(REDIRECT_FIELD_NAME, '') or backend_setting(backend, 'SOCIAL_AUTH_DISCONNECT_REDIRECT_URL') or DEFAULT_REDIRECT if not request.user.has_usable_password() and associated <= 1: messages.error(request, _("Cannot remove the only Social Account without first setting a Password or adding another Social Account.")) return HttpResponseRedirect(url) usa = request.user.social_auth.get(pk=association_id) backend.disconnect(request.user, association_id) messages.success(request, _("Removed the %(provider)s account '%(uid)s'.") % { "provider": usa.provider, "uid": usa.extra_data.get("display", usa.uid) if usa.extra_data is not None else usa.uid, }) return HttpResponseRedirect(url)
def user_login(request): """ View for logging users in. """ redirect_to = request.POST.get(REDIRECT_FIELD_NAME, request.GET.get(REDIRECT_FIELD_NAME, '')) login_form = AuthenticationForm(request, data=request.POST) if login_form.is_valid(): # Ensure the user-originating redirection url is safe. if not is_safe_url(url=REDIRECT_FIELD_NAME, host=request.get_host()): redirect_to = settings.LOGIN_REDIRECT_URL # Okay, security check complete. Log the user in. auth_login(request, login_form.get_user()) return redirect(settings.LOGIN_REDIRECT_URL if redirect_to == '' else redirect_to) else: return render(request, 'index.html', {'login_form': login_form, 'display': 'block', 'active': 'login'})
def is_owner(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): # assume username is first arg if request.user.is_authenticated(): if request.user.username == kwargs['username']: return view_func(request, *args, **kwargs) protocol = "https" if request.is_secure() else "http" return HttpResponseRedirect("%s://%s" % (protocol, request.get_host())) path = request.build_absolute_uri() login_url = request.build_absolute_uri(settings.LOGIN_URL) # If the login url is the same scheme and net location then just # use the path as the "next" url. login_scheme, login_netloc = urlparse.urlparse(login_url)[:2] current_scheme, current_netloc = urlparse.urlparse(path)[:2] if ((not login_scheme or login_scheme == current_scheme) and (not login_netloc or login_netloc == current_netloc)): path = request.get_full_path() from django.contrib.auth.views import redirect_to_login return redirect_to_login(path, None, REDIRECT_FIELD_NAME) return _wrapped_view
def site_is_configured(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): """ Decorator for views that checks that the user is logged in, redirecting to the log-in page if necessary. """ def check_constance_is_configured(): return config.USER_HAS_COMPLETED_CONFIGURATION actual_decorator = constance_check( check_constance_is_configured, next_url=login_url, redirect_field_name=redirect_field_name ) if function: return actual_decorator(function) return actual_decorator
def login_if_required_for_dashboard(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): """ Decorator for views that checks that the user is logged in, redirecting to the log-in page if necessary - but only if REQUIRE_LOGIN_FOR_DASHBOARD is set True in Constance. """ def authenticated_test(u): if config.REQUIRE_LOGIN_FOR_DASHBOARD: return u.is_authenticated else: return True actual_decorator = user_passes_test( authenticated_test, login_url=login_url, redirect_field_name=redirect_field_name ) if function: return actual_decorator(function) return actual_decorator
def gravity_support_enabled(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): """ Decorator for views that checks that the user is logged in, redirecting to the log-in page if necessary. """ def check_gravity_support_enabled(): return config.GRAVITY_SUPPORT_ENABLED actual_decorator = constance_check( check_gravity_support_enabled, next_url=login_url, redirect_field_name=redirect_field_name ) if function: return actual_decorator(function) return actual_decorator
def _redirect_url(request): """Redirects to referring page, or CAS_REDIRECT_URL if no referrer is set. """ next = request.GET.get(REDIRECT_FIELD_NAME) if not next: if settings.CAS_IGNORE_REFERER: next = settings.CAS_REDIRECT_URL else: next = request.META.get('HTTP_REFERER', settings.CAS_REDIRECT_URL) host = request.get_host() prefix = (('http://', 'https://')[request.is_secure()] + host) if next.startswith(prefix): next = next[len(prefix):] return next
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): """Replacement for django.contrib.auth.decorators.user_passes_test that returns 403 Forbidden if the user is already logged in. """ if not login_url: from django.conf import settings login_url = settings.LOGIN_URL def decorator(view_func): @wraps(view_func) def wrapper(request, *args, **kwargs): if test_func(request.user): return view_func(request, *args, **kwargs) elif request.user.is_authenticated(): return HttpResponseForbidden('<h1>Permission denied</h1>') else: path = '%s?%s=%s' % (login_url, redirect_field_name, urlquote(request.get_full_path())) return HttpResponseRedirect(path) return wrapper return decorator
def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): """ Redirects the user to the login page, passing the given 'next' page """ resolved_url = resolve_url(login_url or settings.LOGIN_URL) login_url_parts = list(urlparse(resolved_url)) if redirect_field_name: querystring = QueryDict(login_url_parts[4], mutable=True) querystring[redirect_field_name] = next login_url_parts[4] = querystring.urlencode(safe='/') return HttpResponseRedirect(urlunparse(login_url_parts)) # 4 views for password reset: # - password_reset sends the mail # - password_reset_done shows a success message for the above # - password_reset_confirm checks the link the user clicked and # prompts for a new password # - password_reset_complete shows a success message for the above
def login_redirect(request): """Load current redirect to context.""" value = request.method == 'POST' and \ request.POST.get(REDIRECT_FIELD_NAME) or \ request.GET.get(REDIRECT_FIELD_NAME) if value: value = quote(value) querystring = REDIRECT_FIELD_NAME + '=' + value else: querystring = '' return { 'REDIRECT_FIELD_NAME': REDIRECT_FIELD_NAME, 'REDIRECT_FIELD_VALUE': value, 'REDIRECT_QUERYSTRING': querystring }
def staff_login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): ''' Decorator to check that the user accessing the decorated view has their is_staff flag set to True. It will first redirect to login_url or the default login url if the user is not authenticated. If the user is authenticated but is not staff, then a PermissionDenied exception will be raised. ''' # Based off code from the Django project # License: https://github.com/django/django/blob/c1aec0feda73ede09503192a66f973598aef901d/LICENSE # NOQA # Code reference: https://github.com/django/django/blob/c1aec0feda73ede09503192a66f973598aef901d/django/contrib/auth/decorators.py#L40 # NOQA def check_if_staff(user): if not user.is_authenticated(): # returning False will cause the user_passes_test decorator # to redirect to the login flow return False if user.is_staff: # then all good return True # otherwise the user is authenticated but isn't staff, so # they do not have the correct permissions and should be directed # to the 403 page raise PermissionDenied actual_decorator = decorators.user_passes_test( check_if_staff, login_url=login_url, redirect_field_name=redirect_field_name ) if function: return actual_decorator(function) return actual_decorator
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME): """ Decorator for views that checks that the user passes the given test, redirecting to the log-in page if necessary. The test should be a callable that takes the user object and returns True if the user passes. """ def decorator(view_func): @wraps(view_func, assigned=available_attrs(view_func)) def _wrapped_view(request, *args, **kwargs): if test_func(request.user): return view_func(request, *args, **kwargs) path = request.build_absolute_uri() resolved_login_url = resolve_url(login_url or settings.LOGIN_URL) # If the login url is the same scheme and net location then just # use the path as the "next" url. login_scheme, login_netloc = urlparse(resolved_login_url)[:2] current_scheme, current_netloc = urlparse(path)[:2] if ((not login_scheme or login_scheme == current_scheme) and (not login_netloc or login_netloc == current_netloc)): path = request.get_full_path() from django.contrib.auth.views import redirect_to_login return redirect_to_login( path, resolved_login_url, redirect_field_name) return _wrapped_view return decorator
def login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): """ Decorator for views that checks that the user is logged in, redirecting to the log-in page if necessary. """ actual_decorator = user_passes_test( lambda u: u.is_authenticated(), login_url=login_url, redirect_field_name=redirect_field_name ) if function: return actual_decorator(function) return actual_decorator
def login(self, request, extra_context=None): """ Displays the login form for the given HttpRequest. """ if request.method == 'GET' and self.has_permission(request): # Already logged-in, redirect to admin index index_path = reverse('admin:index', current_app=self.name) return HttpResponseRedirect(index_path) from django.contrib.auth.views import login # Since this module gets imported in the application's root package, # it cannot import models from other applications at the module level, # and django.contrib.admin.forms eventually imports User. from django.contrib.admin.forms import AdminAuthenticationForm context = dict(self.each_context(request), title=_('Log in'), app_path=request.get_full_path(), username=request.user.get_username(), ) if (REDIRECT_FIELD_NAME not in request.GET and REDIRECT_FIELD_NAME not in request.POST): context[REDIRECT_FIELD_NAME] = reverse('admin:index', current_app=self.name) context.update(extra_context or {}) defaults = { 'extra_context': context, 'authentication_form': self.login_form or AdminAuthenticationForm, 'template_name': self.login_template or 'admin/login.html', } request.current_app = self.name return login(request, **defaults)
def staff_member_required(view_func=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url='admin:login'): """ Decorator for views that checks that the user is logged in and is a staff member, redirecting to the login page if necessary. """ actual_decorator = user_passes_test( lambda u: u.is_active and u.is_staff, login_url=login_url, redirect_field_name=redirect_field_name ) if view_func: return actual_decorator(view_func) return actual_decorator
def login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None): """ Decorator for views that checks that the user is logged in, redirecting to the log-in page if necessary. """ actual_decorator = user_passes_test( lambda u: u.is_authenticated, login_url=login_url, redirect_field_name=redirect_field_name ) if function: return actual_decorator(function) return actual_decorator
def login(self, request, extra_context=None): """ Displays the login form for the given HttpRequest. """ if request.method == 'GET' and self.has_permission(request): # Already logged-in, redirect to admin index index_path = reverse('admin:index', current_app=self.name) return HttpResponseRedirect(index_path) from django.contrib.auth.views import login # Since this module gets imported in the application's root package, # it cannot import models from other applications at the module level, # and django.contrib.admin.forms eventually imports User. from django.contrib.admin.forms import AdminAuthenticationForm context = dict( self.each_context(request), title=_('Log in'), app_path=request.get_full_path(), username=request.user.get_username(), ) if (REDIRECT_FIELD_NAME not in request.GET and REDIRECT_FIELD_NAME not in request.POST): context[REDIRECT_FIELD_NAME] = reverse('admin:index', current_app=self.name) context.update(extra_context or {}) defaults = { 'extra_context': context, 'authentication_form': self.login_form or AdminAuthenticationForm, 'template_name': self.login_template or 'admin/login.html', } request.current_app = self.name return login(request, **defaults)
def superuser_required(view_func=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url='account_login'): """ Decorator for views that checks that the user is logged in and is a superuser, redirecting to the login page if necessary. """ actual_decorator = user_passes_test( lambda u: u.is_active and u.is_superuser, login_url=login_url, redirect_field_name=redirect_field_name ) if view_func: return actual_decorator(view_func) return actual_decorator
def view(request): if not request.user.is_authenticated: ctx = { 'next': request.GET.get(REDIRECT_FIELD_NAME, ''), } return render(request, 'welcome.html', ctx) lang = request.COOKIES.get(COOKIE_NAME, None) if lang is None: supported = Language.live.cached_dict( show_all=request.user.is_superuser ) lang = get_lang_from_http_header(request, supported) if lang is not None and lang not in ('projects', ''): url = reverse('pootle-language-browse', args=[lang]) else: url = reverse('pootle-projects-browse') # Preserve query strings args = request.GET.urlencode() qs = '?%s' % args if args else '' redirect_url = '%s%s' % (url, qs) return redirect(redirect_url)
def mala_staff_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='staff:login'): """ Decorator for views that checks that the user is logged in and is a staff member, displaying the login page if necessary. """ return user_passes_test( is_manager, login_url=login_url, redirect_field_name=redirect_field_name )(view_func)
def mala_lecturer_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='lecturer:login'): """ Decorator for views that checks that the user is logged in and is a lecturer, displaying the login page if necessary. """ return user_passes_test( is_lecturer, login_url=login_url, redirect_field_name=redirect_field_name )(view_func)
def mala_staff_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='import_:login'): """ Decorator for views that checks that the user is logged in and is a staff member, displaying the login page if necessary. """ return user_passes_test( is_manager, login_url=login_url, redirect_field_name=redirect_field_name )(view_func)
def login(self, request, extra_context=None): """ Displays the login form for the given HttpRequest. """ if request.method == 'GET' and self.has_permission(request): # Already logged-in, redirect to admin index index_path = reverse('admin:index', current_app=self.name) return HttpResponseRedirect(index_path) from django.contrib.auth.views import LoginView # Since this module gets imported in the application's root package, # it cannot import models from other applications at the module level, # and django.contrib.admin.forms eventually imports User. from django.contrib.admin.forms import AdminAuthenticationForm context = dict( self.each_context(request), title=_('Log in'), app_path=request.get_full_path(), username=request.user.get_username(), ) if (REDIRECT_FIELD_NAME not in request.GET and REDIRECT_FIELD_NAME not in request.POST): context[REDIRECT_FIELD_NAME] = reverse('admin:index', current_app=self.name) context.update(extra_context or {}) defaults = { 'extra_context': context, 'authentication_form': self.login_form or AdminAuthenticationForm, 'template_name': self.login_template or 'admin/login.html', } request.current_app = self.name return LoginView.as_view(**defaults)(request)
def login(self, request, extra_context=None): """ Displays the login form for the given HttpRequest. """ if request.method == 'GET' and self.has_permission(request): # Already logged-in, redirect to admin index index_path = reverse('admin:index', current_app=self.name) return HttpResponseRedirect(URL_PREFIX_RESOURCE+index_path) from django.contrib.auth.views import login # Since this module gets imported in the application's root package, # it cannot import models from other applications at the module level, # and django.contrib.admin.forms eventually imports User. from django.contrib.admin.forms import AdminAuthenticationForm context = dict(self.each_context(request), title= ('Log in'), app_path=request.get_full_path(), ) if REDIRECT_FIELD_NAME not in request.GET and REDIRECT_FIELD_NAME not in request.POST: context[REDIRECT_FIELD_NAME] = request.get_full_path() context.update(extra_context or {}) defaults = { 'extra_context': context, 'current_app': self.name, 'authentication_form': self.login_form or AdminAuthenticationForm, 'template_name': self.login_template or 'admin/login.html', } return login(request, **defaults)
def index(request): """ View for index page. If request user is not authenticated then Djacket intro page is shown, else if user is authenticated his/her deposit is shown. """ if request.user.is_authenticated(): return user_deposit(request, request.user.username) else: return render(request, 'index.html', {'active': 'login', REDIRECT_FIELD_NAME: request.GET.get(REDIRECT_FIELD_NAME, '')})
def get_redirect_url(request, default=settings.LOGIN_REDIRECT_URL): """ ????????? ?????? ??? ????????? ?? POST, GET ??? settings """ redirect_to = request.POST.get( REDIRECT_FIELD_NAME, request.GET.get(REDIRECT_FIELD_NAME, '') ) if not is_safe_url(url=redirect_to, host=request.get_host()): redirect_to = resolve_url(default) return redirect_to
def login(self, request, extra_context=None): """ Displays the login form for the given HttpRequest. """ if request.method == 'GET' and self.has_permission(request): # Already logged-in, redirect to admin index index_path = reverse('admin:index', current_app=self.name) return HttpResponseRedirect(index_path) from django.contrib.auth.views import login # Since this module gets imported in the application's root package, # it cannot import models from other applications at the module level, # and django.contrib.admin.forms eventually imports User. from django.contrib.admin.forms import AdminAuthenticationForm context = dict(self.each_context(request), title=_('Log in'), app_path=request.get_full_path(), ) if (REDIRECT_FIELD_NAME not in request.GET and REDIRECT_FIELD_NAME not in request.POST): context[REDIRECT_FIELD_NAME] = request.get_full_path() context.update(extra_context or {}) defaults = { 'extra_context': context, 'current_app': self.name, 'authentication_form': self.login_form or AdminAuthenticationForm, 'template_name': self.login_template or 'admin/login.html', } return login(request, **defaults)
def staff_member_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='admin:login'): """ Decorator for views that checks that the user is logged in and is a staff member, displaying the login page if necessary. """ return user_passes_test( lambda u: u.is_active and u.is_staff, login_url=login_url, redirect_field_name=redirect_field_name )(view_func)
def google_login(request, template_name=None, redirect_field_name=REDIRECT_FIELD_NAME): redirect_to = get_redirect_to(request, redirect_field_name) return HttpResponseRedirect(users.create_login_url(redirect_to))
def hybrid_login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME): # Don't login using both authentication systems at the same time if request.user.is_authenticated(): redirect_to = get_redirect_to(request, redirect_field_name) return HttpResponseRedirect(redirect_to) return login(request, template_name, redirect_field_name)
def login(self, request, extra_context=None): """ Displays the login form for the given HttpRequest. """ if request.method == 'GET' and self.has_permission(request): # Already logged-in, redirect to admin index index_path = reverse('admin:index', current_app=self.name) return HttpResponseRedirect(index_path) from django.contrib.auth.views import login # Since this module gets imported in the application's root package, # it cannot import models from other applications at the module level, # and django.contrib.admin.forms eventually imports User. from django.contrib.admin.forms import AdminAuthenticationForm context = dict(self.each_context(request), title=_('Log in'), app_path=request.get_full_path(), ) if (REDIRECT_FIELD_NAME not in request.GET and REDIRECT_FIELD_NAME not in request.POST): context[REDIRECT_FIELD_NAME] = reverse('admin:index', current_app=self.name) context.update(extra_context or {}) defaults = { 'extra_context': context, 'authentication_form': self.login_form or AdminAuthenticationForm, 'template_name': self.login_template or 'admin/login.html', } request.current_app = self.name return login(request, **defaults)
def test_next_from_GET_is_respected_and_user_is_redirected_there(self): create_user(username='user', password='user', is_superuser=False) self.assert_logged_in_user_on_next_request( username='user', password='user', display_user='user', **{REDIRECT_FIELD_NAME: '/foo/'}) redir_to = parse.urlparse(self.login_post_response['Location']) self.assertEqual('/foo/', redir_to.path)
