堆栈内存溢出
  简体   繁体   English

Django的。 登录后重定向用户

[英]Django. Redirecting user after login

 原文  2014-09-01 17:22:52       python/ django

问题描述

I'm newbie in Django and I need your help. 我是Django的新手,需要您的帮助。

I'm building my app on class-based views. 我正在基于基于类的视图上构建我的应用程序。 For login I using default django.contrib.auth.models.User class and one-to-one relationship for UserInfo class for storing additional information(like profile photo and so on): 对于登录,我使用默认的django.contrib.auth.models.User类和UserInfo类的一对一关系来存储其他信息(例如个人资料照片等):

models.py models.py 

class UserInfo(models.Model):
    user = models.OneToOneField(User)
    birth_date = models.DateField()
    avatar = models.FilePathField()

After login succeed I want to pass UserInfo data to home page(defined as DetailView ). 登录成功后,我想将UserInfo数据传递到主页(定义为DetailView )。 So currently I have something like this: 所以目前我有这样的事情:

urls.py urls.py 

urlpatterns = patterns('',
    url(r'^$',      Index.as_view(), name='index'), #Returns page with login form.
    url(r'^login$', Index.as_view(), name='login'), #Proceed login form and redirects to homepage.
    url(r'^home/id(?P<pk>\d+)$',  login_required(Home.as_view(), login_url='/'),  name='home'),
)

index.py index.py 

#Login proceed here
class Index(generic.FormView):
    template_name = 'index.html'
    form_class = AuthenticationForm
    success_url = '/home/id'

    def post(self, request, *args, **kwargs):
        username = request.POST.get('username')
        password = request.POST.get('password')
        user = authenticate(username = username, password = password)
        if user is not None and user.is_active:
            login(request, user)
            return redirect('/home/id', pk = user.id)
        else:
            return redirect('/', {'error' : 'Incorrect login or password'})

home.py home.py 

class Home(generic.DetailView):
    model = UserInfo
    template_name = 'home.html'

Unfortunately it doesn't work. 不幸的是,它不起作用。 Could you please help me to understand how it should work? 您能帮我了解它应该如何工作吗? And how I should get UserInfo data inside my home.html page? 以及如何在home.html页面中获取UserInfo数据?

1 个解决方案

解决方案1
 1 已采纳  2014-09-01 18:01:51

You should not pass data in URL redirects, because this is inherently safe and prone to all kind of exploitation ( Content Spoofing vulnerability ). 您不应该在URL重定向中传递数据,因为它本质上是安全的,并且容易受到各种利用( Content Spoofing漏洞 )。

Instead, you should pass data over redirect using Django sessions . 相反,您应该使用Django session通过重定向传递数据。 Particularly, in the case of the success/error messages, Django messages framework is handy . 特别是在成功/错误消息的情况下, Django消息框架非常方便 

from django.contrib import messages

def post(self, request, *args, **kwargs):
    ....
    else:
        messages.error(request, "Incorrect username or password")
        return redirect('/')

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Django中的异常错误。 创建超级用户后无法登录管理员 - Unusual error in Django. Cannot login into admin after creating superuser 登录失败页面后的 Django 未重定向到下一个 - Django after login failed page is not redirecting to next Django登录后未重定向到管理站点 - Django Not Redirecting to Admin Site after Login 在Django中登录后重定向到最初请求的页面 - Redirecting to originally requested page after login in Django 登录后 Django 未重定向到所需的 url - Django not redirecting to desired url after login 登录后重定向到注释部分在Django中不起作用 - redirecting to comment section after login is not working in django 在 Django 中注册用户后如何重定向到页面 - How to redirecting to a page after registering a user in - Django Django的。 TestCase login_required - Django. TestCase login_required 在Django登录后重定向用户 - Redirect User After Login in Django Django的。 身份验证(用户返回无) - Django. Authentication (user returns None)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM