Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
sazhyk2015-09-23 09:04:34
Django
sazhyk, 2015-09-23 09:04:34

How to make login to Django site only after authorization?

Hello. At work, I had to write a small intracorporate portal site. Since I am not strong in programming languages, the choice fell on a bunch of Python + Django. (This is my personal choice with a look into the future, please do not breed questions about the advantages / disadvantages of languages, CMS, etc.) The essence will be this: there are two groups of users - let's call them administrators and users. Actually the question is: how to make it so that when entering the site it was necessary to pass authorization, and only after it get access to the site functions that are defined in the groups / users section. Google leads only to how to organize authorization after you have entered the site.
Thanks in advance.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Alexander, 2015-09-23
@syschel

Force authorization: 

from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect

class ValidLogin(object):

    def process_request(request):
        if not request.user.is_authenticated():
            return HttpResponseRedirect(reverse('signin'))
        return None

MIDDLEWARE_CLASSES = (
    'project.middleware.ValidLogin',
)

And the distribution of rights is already either at the level of urls or at the level of views.
In urls you can
from django.conf.urls import patterns, url
from django.contrib.auth.decorators import user_passes_test
urlpatterns = patterns('crm.views',
    url(r'^$', 
        user_passes_test(lambda u: u.is_superuser or u.is_moderator)(HomeCRM.as_view()),
        name='home'),
)

If it’s just authorization through urls, then like this:
from django.contrib.auth.decorators import login_required
urlpatterns = patterns('crm.views',
    url(r'^$', 
        login_required(HomeCRM.as_view()),
        name='home'),
)

But this is to check each line of the url for authorization ... And then think about how to implement rights by groups. It's easier, as above, to check authorization through middleware and send it to the login form.

Report
Z
zigen, 2015-09-23
@zigen

So cover all url patterns including root @login_requireq

Similar questions
H
Hcuy2020-09-13 17:36:34
How to solve the error in the logs? 1Reply
V
Vitaly Ananiev2022-01-08 20:29:57
Why AttributeError: 'QueryDict' object has no attribute 'all'? 0Reply
A
Alexey Semyonov2018-11-07 18:13:24
How to set default form value in django? 1Reply
U
undeadter2016-06-08 20:13:56
Django - How to automatically create a database table structure from scratch if it was deleted? 2Reply
J
Jundallah2020-09-15 22:25:20
How to filter the list by parent parent? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question