summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorMatt Seymour <matt@mattseymour.net>2015-03-22 10:47:18 +0000
committerTim Graham <timograham@gmail.com>2015-03-24 10:30:33 -0400
commit388dc33f5bfdd7035f4a32c4ec1eea269eb88870 (patch)
treeab72108901ad1b25775e707a936d4309437b9aa8 /docs
parentb46643a47e82fb56d589b9584877f823dabc3fdf (diff)
[1.7.x] Fixed #24501 -- Improved auth.decorators.user_passes_test() example.
Backport of fca14cd3f27a01f7ba1fe32ea9587fa75b85713a from master
Diffstat (limited to 'docs')
-rw-r--r--docs/topics/auth/default.txt13
1 files changed, 9 insertions, 4 deletions
diff --git a/docs/topics/auth/default.txt b/docs/topics/auth/default.txt
index d3a5b722d7..66a6870391 100644
--- a/docs/topics/auth/default.txt
+++ b/docs/topics/auth/default.txt
@@ -406,11 +406,12 @@ The simple, raw way to limit access to pages is to check
<django.contrib.auth.models.User.is_authenticated()>` and either redirect to a
login page::
+ from django.conf import settings
from django.shortcuts import redirect
def my_view(request):
if not request.user.is_authenticated():
- return redirect('/login/?next=%s' % request.path)
+ return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))
# ...
...or display an error message::
@@ -497,16 +498,20 @@ essentially the same thing as described in the previous section.
The simple way is to run your test on :attr:`request.user
<django.http.HttpRequest.user>` in the view directly. For example, this view
-checks to make sure the user has an email in the desired domain::
+checks to make sure the user has an email in the desired domain and if not,
+redirects to the login page::
+
+ from django.shortcuts import redirect
def my_view(request):
if not request.user.email.endswith('@example.com'):
- return HttpResponse("You can't vote in this poll.")
+ return redirect('/login/?next=%s' % request.path)
# ...
.. function:: user_passes_test(func, [login_url=None])
- As a shortcut, you can use the convenient ``user_passes_test`` decorator::
+ As a shortcut, you can use the convenient ``user_passes_test`` decorator
+ which performs a redirect when the callable returns ``False``::
from django.contrib.auth.decorators import user_passes_test