2
0
mirror of https://expo.survex.com/repositories/troggle/.git synced 2025-01-19 09:22:32 +00:00

Implement redirects after login (using the next parameter)

This commit is contained in:
Martin Green 2022-06-25 16:13:02 +01:00
parent 74a5125cf9
commit b3d9e81499

View File

@ -1,10 +1,11 @@
from builtins import str
from django.conf import settings
from django.shortcuts import render
from django.shortcuts import render, redirect
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth import forms as auth_forms
from django.contrib.auth.decorators import login_required
from django.utils.http import is_safe_url
"""This enforces the login requirement for non-public pages using
the decorator mechanism.
@ -70,8 +71,20 @@ def expologin(request):
try:
login(request, user)
# Should do the ?next= stuff here..
return render(request, 'tasks.html', {})
return redirect_after_login(request)
except:
return render(request, 'errors/generic.html', {})
def redirect_after_login(request):
nxt = request.GET.get("next", None)
if nxt is None:
return redirect(settings.LOGIN_REDIRECT_URL)
elif not is_safe_url(
url=nxt,
allowed_hosts={request.get_host()},
require_https=request.is_secure()):
return redirect(settings.LOGIN_REDIRECT_URL)
else:
return redirect(nxt)