In most cases using these decorators solves the problem of protecting resources while keeping the code (and the user interface) clean.
A problem occurs when we try to access a protected resource while attaching some URI query parameter, ex. http://example.com/resource/?foo=1&bar=example. We get redirected to the login page, and after providing our credentials we get redirected back to http://example.com/resource/ ... and the query parameters are gone!
Sadly the default login_required decorator does not preserve them... we have to provide our own decorator:
1. def resource_login_required(some_view):
2. def wrapper(request, *args, **kw):
3. if not request.user.is_authenticated():
4. params = map(lambda x: "%s=%s&" % \
(x[0],x[1]), request.GET.items())
5. return HttpResponseRedirect( \
"/login/?%snext=%s" % \
("".join(params),request.path))
6. else:
7. return some_view(request, *args, **kw)
8. return wrapper
Line 4 is the key instruction, the presented lambda expression maps the parameter key-value pairs to an URI scheme query parameter representation. Next we concatenate the parameters with the original request path - this is it, after performing a successful login we should be redirected to the requested resource along with the request query parameters.
This decorator may by used just like the prevoiusly mentioned ones:
1. @resource_login_required
2. def my_view(request):
3. #your view code
4. passFeel free to adjust this decorator to your needs.
No comments:
Post a Comment