Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Logged in users still see login page (django auth)

Tags:

authentication

django

I'm using django.contrib.auth to handle user authentication in my django project. In order to log in, I have

from django.contrib.auth.views import login, logout

# ...

url(r'^login/', login, name='login'),
url(r'^logout/', logout, {'next_page': '/'}, name='logout'),

in my main project's urls.py.

So far, so good. However, I notice that after logging in, if I access /login/, I still see the login page, and am able to log in as another user. This seems like counter-intuitive behavior -- most websites will either show an error or redirect you to the homepage if you attempt to access the login page while logged in.

I'm using the builtin models / views, and so as far as I know I have no easy way of altering the views. Is there a simple way of gaining this functionality (i.e. preventing access to the login form if logged in), or is the best way simply to modify the template to only show the form if not logged in?

like image 661
Mala Avatar asked Apr 08 '14 19:04

Mala

3 Answers

Simply you can write you login url as this:

from django.contrib.auth import views as auth_views

path('login/', auth_views.LoginView.as_view(template_name="accounts/login.html", redirect_authenticated_user=True), name='login'),
like image 179
Ahmed Ibrahim Avatar answered Oct 06 '22 00:10

Ahmed Ibrahim

You hide content within the template.html using templateTags like so:

{% if user.is_authenticated %}
  <p>Only a logged in User can view</p>
{% else %}
  <p>Only a logged out User can view</p>
{% endif %}

[EDIT]

If you would like to then redirect the user before the web page is rendered, then you can do that in the view.

def myView(request):
    if request.user.is_authenticated:
        return render(request, 'logged_in_view.html')
    else:
        return render(request, 'logged_out_view.html')
like image 23
Aaron Lelevier Avatar answered Oct 05 '22 23:10

Aaron Lelevier

Possible solution: I create 'my_login':

def my_login(request):
    if request.user.is_authenticated():
        return redirect(#...home)
    else:
        return login(request, 'template/login.html') # here i used login built-in function
                                                     # instead of using directly in urls.py

And i used my_login view in urls.py instead of 'django.contrib.auth.views.login'

EDIT

New in Django 1.10:
The redirect_authenticated_user parameter was added.

Check https://docs.djangoproject.com/en/1.10/topics/auth/default/#django.contrib.auth.views.login

like image 30
yierstem Avatar answered Oct 06 '22 00:10

yierstem
Sign in to Comment

Related questions

Convert between coordinate systems with GeoDjango
How to print number with commas as thousands separator and decimal places in Python/Django
Django : Cannot Import name xrange
How does one use magic to verify file type in a Django form clean method?
pip search django produces time out error
How do I get the visitor's current timezone then convert timezone.now() to string of the local time in Django 1.4?
Django Invalid Block Tag: 'endfor', expected 'endblock'
How to customize django form label
Howto copy object from model A to model B
Django seems to be caching datetime.now()
How to use two different Django Form at the same template?
I'm developing an application similar to fb chat. Which framework - Play or Django? [closed]
No JSON object could be decoded - tastypie - curl
Make strings inside trans tag uppercased
Django password change view form
Why does setting debug to false in django settings stop Heroku app from loading in development and production?
Send a file through Django Class Based Views
Django how to use post_save signals
Django blocktrans - inside HTML tag
Django ModelForm float field not calling Clean_Field method

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!