Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
sazhyk2015-09-23 09:04:34
Django
sazhyk, 2015-09-23 09:04:34

How to make login to Django site only after authorization?

Hello. At work, I had to write a small intracorporate portal site. Since I am not strong in programming languages, the choice fell on a bunch of Python + Django. (This is my personal choice with a look into the future, please do not breed questions about the advantages / disadvantages of languages, CMS, etc.) The essence will be this: there are two groups of users - let's call them administrators and users. Actually the question is: how to make it so that when entering the site it was necessary to pass authorization, and only after it get access to the site functions that are defined in the groups / users section. Google leads only to how to organize authorization after you have entered the site.
Thanks in advance.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Alexander, 2015-09-23
@syschel

Force authorization: 

from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect

class ValidLogin(object):

    def process_request(request):
        if not request.user.is_authenticated():
            return HttpResponseRedirect(reverse('signin'))
        return None

MIDDLEWARE_CLASSES = (
    'project.middleware.ValidLogin',
)

And the distribution of rights is already either at the level of urls or at the level of views.
In urls you can
from django.conf.urls import patterns, url
from django.contrib.auth.decorators import user_passes_test
urlpatterns = patterns('crm.views',
    url(r'^$', 
        user_passes_test(lambda u: u.is_superuser or u.is_moderator)(HomeCRM.as_view()),
        name='home'),
)

If it’s just authorization through urls, then like this:
from django.contrib.auth.decorators import login_required
urlpatterns = patterns('crm.views',
    url(r'^$', 
        login_required(HomeCRM.as_view()),
        name='home'),
)

But this is to check each line of the url for authorization ... And then think about how to implement rights by groups. It's easier, as above, to check authorization through middleware and send it to the login form.

Report
Z
zigen, 2015-09-23
@zigen

So cover all url patterns including root @login_requireq

Similar questions
N
NeFek2020-06-10 16:46:43
Have all the fields in Django Admin changed? 1Reply
S
s_katala2018-05-23 15:46:26
Django date localization? 1Reply
M
ma3xak2018-05-24 17:07:38
I can't figure out where is the error? 2Reply
M
marselabdullin2020-06-11 10:49:41
How to add objects through admin panel using celery django? 1Reply
S
Sergey Nizhny Novgorod2016-01-16 03:00:50
How to cascade call ForeignKey elements in one view in Django? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question