I want to create middleware that authenticate user role = "level1' or role = "level2" if user login for level 1 they only see level 1 content and if user login level 2 they can see both level 1 and level 2 content
from django.shortcuts import render
from django.http import HttpResponse
from .forms import loginForm
from .models import memberModel
# Create your views here.
def login(request):
lf = loginForm
return render(request, 'member/login.html', {'lf':lf})
def getLogin(request):
username = request.POST['username']
password = request.POST['password']
user = memberModel.objects.get(username = username)
if (user.password == password):
if (user.role == 'level1'):
return HttpResponse('you are level 1 basic')
else:
return HttpResponse('you are VIP')
else:
return HttpResponse('login fail')
def level1(request):
#if login level 1 and level 2 role can see this
return render(request, 'member/level1.html')
def level2(request):
# only login level 2 role can see this
return render(request, 'member/level2.html')
how can i do that, please help
You can make use of the @user_passes_test
decorator [Django-doc] :
from django.contrib.auth.decorators import login_required, user_passes_test
= user_passes_test(lambda u: u.role == 'level2')
@login_required
def level1(request):
#if login level 1 and level 2 role can see this
return render(request, 'member/level1.html')
@login_required
def level2(request):
# only login level 2 role can see this
return render(request, 'member/level2.html')
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.