=== modified file 'django/contrib/auth/__init__.py'
|
|
|
| 1 | from django.conf import settings |
1 | 2 | from django.core.exceptions import ImproperlyConfigured |
2 | 3 | |
3 | 4 | SESSION_KEY = '_auth_user_id' |
4 | 5 | BACKEND_SESSION_KEY = '_auth_user_backend' |
5 | | LOGIN_URL = '/accounts/login/' |
| 6 | LOGIN_URL = getattr(settings, 'LOGIN_URL', '/accounts/login/') |
| 7 | ACCOUNT_URL = getattr(settings, 'ACCOUNT_URL', '/accounts/profile/') |
6 | 8 | REDIRECT_FIELD_NAME = 'next' |
7 | 9 | |
8 | 10 | def load_backend(path): |
=== modified file 'django/contrib/auth/views.py'
|
|
|
6 | 6 | from django.contrib.sites.models import Site |
7 | 7 | from django.http import HttpResponseRedirect |
8 | 8 | from django.contrib.auth.decorators import login_required |
9 | | from django.contrib.auth import LOGIN_URL, REDIRECT_FIELD_NAME |
| 9 | from django.contrib.auth import LOGIN_URL, ACCOUNT_URL, REDIRECT_FIELD_NAME |
10 | 10 | |
11 | 11 | def login(request, template_name='registration/login.html'): |
12 | 12 | "Displays the login form and handles the login action." |
… |
… |
|
17 | 17 | if not errors: |
18 | 18 | # Light security check -- make sure redirect_to isn't garbage. |
19 | 19 | if not redirect_to or '://' in redirect_to or ' ' in redirect_to: |
20 | | redirect_to = '/accounts/profile/' |
| 20 | redirect_to = ACCOUNT_URL |
21 | 21 | from django.contrib.auth import login |
22 | 22 | login(request, manipulator.get_user()) |
23 | 23 | request.session.delete_test_cookie() |
=== modified file 'docs/authentication.txt'
|
|
|
377 | 377 | |
378 | 378 | ``login_required`` does the following: |
379 | 379 | |
380 | | * If the user isn't logged in, redirect to ``/accounts/login/``, passing |
381 | | the current absolute URL in the query string as ``next``. For example: |
| 380 | * If the user isn't logged in, redirect to ``"settings.LOGIN_URL"`` |
| 381 | (``"/accounts/login/"`` by default), passing the current absolute URL |
| 382 | in the query string as ``next``. For example: |
382 | 383 | ``/accounts/login/?next=/polls/3/``. |
383 | 384 | * If the user is logged in, execute the view normally. The view code is |
384 | 385 | free to assume the user is logged in. |
385 | 386 | |
386 | | Note that you'll need to map the appropriate Django view to ``/accounts/login/``. |
387 | | To do this, add the following line to your URLconf:: |
| 387 | Note that you'll need to map the appropriate Django view to ``"settings.LOGIN_URL"``. |
| 388 | For example, using the defaults, add the following line to your URLconf:: |
388 | 389 | |
389 | 390 | (r'^accounts/login/$', 'django.contrib.auth.views.login'), |
390 | 391 | |
… |
… |
|
395 | 396 | |
396 | 397 | * If called via ``POST``, it tries to log the user in. If login is |
397 | 398 | successful, the view redirects to the URL specified in ``next``. If |
398 | | ``next`` isn't provided, it redirects to ``/accounts/profile/`` (which is |
399 | | currently hard-coded). If login isn't successful, it redisplays the login |
| 399 | ``next`` isn't provided, it redirects to ``"settings.ACCOUNT_URL"`` which |
| 400 | defaults to ``/accounts/profile/``. If login isn't successful, it redisplays the login |
400 | 401 | form. |
401 | 402 | |
402 | 403 | It's your responsibility to provide the login form in a template called |
=== modified file 'docs/settings.txt'
|
|
|
166 | 166 | 'news.Story': lambda o: "/stories/%s/%s/" % (o.pub_year, o.slug), |
167 | 167 | } |
168 | 168 | |
| 169 | ACCOUNT_URL |
| 170 | ------------- |
| 171 | |
| 172 | Default: ``'/accounts/profile/'`` |
| 173 | |
| 174 | The URL where requests are redirected after login when the ``"contrib.auth.login"`` view |
| 175 | gets no ``next`` parameter. |
| 176 | i.e.: When the `@login_required`_ decorator is called |
| 177 | |
169 | 178 | ADMIN_FOR |
170 | 179 | --------- |
171 | 180 | |
… |
… |
|
533 | 542 | you'll have to remember to wrap the languages in the *real* ``gettext()`` in |
534 | 543 | any code that uses ``LANGUAGES`` at runtime. |
535 | 544 | |
| 545 | LOGIN_URL |
| 546 | ------------- |
| 547 | |
| 548 | Default: ``'/accounts/login/'`` |
| 549 | |
| 550 | The URL where requests are redirected for login, specially when using the |
| 551 | `@login_required`_ decorator. |
| 552 | |
536 | 553 | MANAGERS |
537 | 554 | -------- |
538 | 555 | |
… |
… |
|
967 | 984 | |
968 | 985 | It boils down to this: Use exactly one of either ``configure()`` or |
969 | 986 | ``DJANGO_SETTINGS_MODULE``. Not both, and not neither. |
| 987 | |
| 988 | .. _@login_required: ../authentication/#the-login-required-decorator |