flow chart of the login processdjango自定义登录视图和django自定义身份验证后端之间的区别?
如图所示,我想将尚未创建完整名称的用户重定向到url('profile:profile_create')。
如果用户已经创建了一个全名,然后重定向到URL(“简介:profile_view”)
什么是处理过程中的更好的办法?自定义登录视图还是自定义身份验证后端?
authviews.py
class LoginView(FormView):
success_url = settings.LOGIN_REDIRECT_URL
form_class = AuthenticationForm
redirect_field_name = REDIRECT_FIELD_NAME
template_name = 'registration/login.html'
@method_decorator(sensitive_post_parameters('password'))
@method_decorator(csrf_protect)
@method_decorator(never_cache)
def dispatch(self, request, *args, **kwargs):
# Sets a test cookie to make sure the user has cookies enabled
request.session.set_test_cookie()
return super(LoginView, self).dispatch(request, *args, **kwargs)
def form_valid(self, form):
auth_login(self.request, form.get_user())
# If the test cookie worked, go ahead and
# delete it since its no longer needed
if self.request.session.test_cookie_worked():
self.request.session.delete_test_cookie()
return super(LoginView, self).form_valid(form)
def get_success_url(self):
redirect_to = self.request.GET.get(self.redirect_field_name)
if not is_safe_url(url=redirect_to, host=self.request.get_host()):
redirect_to = self.success_url
return redirect_to
在get_success_url()
功能的定制会导致不安全的要求如何我解决这个问题?
IMO第一个。使用自定义登录视图。 –
有没有关于上述逻辑的参考?我是django的新人.. – Rahul
如何谷歌搜索这样的条款:'登录后django重定向用户? –