[英]Django. Redirecting user after login
I'm newbie in Django and I need your help. 我是Django的新手,需要您的帮助。
I'm building my app on class-based views. 我正在基于基于类的视图上构建我的应用程序。 For login I using default
django.contrib.auth.models.User
class and one-to-one relationship for UserInfo
class for storing additional information(like profile photo and so on): 对于登录,我使用默认的
django.contrib.auth.models.User
类和UserInfo
类的一对一关系来存储其他信息(例如个人资料照片等):
models.py models.py
class UserInfo(models.Model):
user = models.OneToOneField(User)
birth_date = models.DateField()
avatar = models.FilePathField()
After login succeed I want to pass UserInfo
data to home page(defined as DetailView
). 登录成功后,我想将
UserInfo
数据传递到主页(定义为DetailView
)。 So currently I have something like this: 所以目前我有这样的事情:
urls.py urls.py
urlpatterns = patterns('',
url(r'^$', Index.as_view(), name='index'), #Returns page with login form.
url(r'^login$', Index.as_view(), name='login'), #Proceed login form and redirects to homepage.
url(r'^home/id(?P<pk>\d+)$', login_required(Home.as_view(), login_url='/'), name='home'),
)
index.py index.py
#Login proceed here
class Index(generic.FormView):
template_name = 'index.html'
form_class = AuthenticationForm
success_url = '/home/id'
def post(self, request, *args, **kwargs):
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username = username, password = password)
if user is not None and user.is_active:
login(request, user)
return redirect('/home/id', pk = user.id)
else:
return redirect('/', {'error' : 'Incorrect login or password'})
home.py home.py
class Home(generic.DetailView):
model = UserInfo
template_name = 'home.html'
Unfortunately it doesn't work. 不幸的是,它不起作用。 Could you please help me to understand how it should work?
您能帮我了解它应该如何工作吗? And how I should get
UserInfo
data inside my home.html
page? 以及如何在
home.html
页面中获取UserInfo
数据?
You should not pass data in URL redirects, because this is inherently safe and prone to all kind of exploitation ( Content Spoofing vulnerability ). 您不应该在URL重定向中传递数据,因为它本质上是安全的,并且容易受到各种利用( Content Spoofing漏洞 )。
Instead, you should pass data over redirect using Django sessions . 相反,您应该使用Django session通过重定向传递数据。 Particularly, in the case of the success/error messages, Django messages framework is handy .
特别是在成功/错误消息的情况下, Django消息框架非常方便 。
from django.contrib import messages
def post(self, request, *args, **kwargs):
....
else:
messages.error(request, "Incorrect username or password")
return redirect('/')
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.