Middleware django authenticate

Question

I want to create middleware that authenticate user role = "level1' or role = "level2" if user login for level 1 they only see level 1 content and if user login level 2 they can see both level 1 and level 2 content

from django.shortcuts import render
from django.http import HttpResponse
from .forms import loginForm
from .models import memberModel

# Create your views here.
def login(request):
     lf = loginForm
     return render(request, 'member/login.html', {'lf':lf})
def getLogin(request):
     username = request.POST['username']
     password = request.POST['password']

     user = memberModel.objects.get(username = username)
     if (user.password == password):
          if (user.role == 'level1'):
              return HttpResponse('you are level 1 basic')
          else:
             return HttpResponse('you are VIP')
    else:
         return HttpResponse('login fail')

def level1(request):
#if login level 1 and level 2 role can see this
    return render(request, 'member/level1.html')

def level2(request):
# only login level 2 role can see this
    return render(request, 'member/level2.html')

how can i do that, please help

Answer 1

You can make use of the @user_passes_test decorator [Django-doc] :

from django.contrib.auth.decorators import login_required, user_passes_test

 = user_passes_test(lambda u: u.role == 'level2')

@login_required
def level1(request):
#if login level 1 and level 2 role can see this
    return render(request, 'member/level1.html')

@login_required

def level2(request):
# only login level 2 role can see this
    return render(request, 'member/level2.html')