Ticket #3185: 3185_3.diff

django/contrib/comments/templatetags/comments.py

@@ -5 +5 @@
 from django.template import loader
 from django.core.exceptions import ObjectDoesNotExist
 from django.contrib.contenttypes.models import ContentType
+from django.contrib.auth import LOGOUT_URL
 import re
 
 register = template.Library()
@@ -64 +65 @@
             if self.rating_options:
                 context['rating_range'], context['rating_choices'] = Comment.objects.get_rating_options(self.rating_options)
             context['hash'] = Comment.objects.get_security_hash(context['options'], context['photo_options'], context['rating_options'], context['target'])
+            context['logout_url'] = LOGOUT_URL
             default_form = loader.get_template(COMMENT_FORM)
         output = default_form.render(context)
         context.pop()

django/contrib/comments/templates/comments/form.html

@@ -3 +3 @@
 <form {% if photos_optional or photos_required %}enctype="multipart/form-data" {% endif %}action="/comments/post/" method="post">
 
 {% if user.is_authenticated %}
-<p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a href="/accounts/logout/">{% trans "Log out" %}</a>)</p>
+<p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a href="{{ logout_url }}">{% trans "Log out" %}</a>)</p>
 {% else %}
 <p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p>
 {% endif %}

django/contrib/auth/views.py

@@ -6 +6 @@
 from django.contrib.sites.models import Site
 from django.http import HttpResponseRedirect
 from django.contrib.auth.decorators import login_required
-from django.contrib.auth import LOGIN_URL, REDIRECT_FIELD_NAME
+from django.contrib.auth import LOGIN_URL, ACCOUNT_URL, REDIRECT_FIELD_NAME
 
 def login(request, template_name='registration/login.html'):
     "Displays the login form and handles the login action."
@@ -17 +17 @@
         if not errors:
             # Light security check -- make sure redirect_to isn't garbage.
             if not redirect_to or '://' in redirect_to or ' ' in redirect_to:
-                redirect_to = '/accounts/profile/'
+                redirect_to = ACCOUNT_URL
             from django.contrib.auth import login
             login(request, manipulator.get_user())
             request.session.delete_test_cookie()

django/contrib/auth/__init__.py

@@ +1 @@
+from django.conf import settings
 from django.core.exceptions import ImproperlyConfigured
 
 SESSION_KEY = '_auth_user_id'
@@ -2 +3 @@
 BACKEND_SESSION_KEY = '_auth_user_backend'
-LOGIN_URL = '/accounts/login/'
+LOGIN_URL = getattr(settings, 'LOGIN_URL', '/accounts/login/')
+LOGOUT_URL = getattr(settings, 'LOGOUT_URL', '/accounts/logout/')
+ACCOUNT_URL = getattr(settings, 'ACCOUNT_URL', '/accounts/profile/')
 REDIRECT_FIELD_NAME = 'next'

docs/settings.txt

@@ -166 +166 @@
         'news.Story': lambda o: "/stories/%s/%s/" % (o.pub_year, o.slug),
     }
 
+ACCOUNT_URL
+-------------
+
+Default: ``'/accounts/profile/'``
+
+The URL where requests are redirected after login when the ``"contrib.auth.login"`` view
+gets no ``next`` parameter. 
+i.e.: When the `@login_required`_ decorator is called
+
 ADMIN_FOR
 ---------
 
@@ -533 +542 @@
 you'll have to remember to wrap the languages in the *real* ``gettext()`` in
 any code that uses ``LANGUAGES`` at runtime.
 
+LOGIN_URL
+-------------
+
+Default: ``'/accounts/login/'``
+
+The URL where requests are redirected for login, specially when using the
+`@login_required`_ decorator.
+
+LOGOUT_URL
+-------------
+
+Default: ``'/accounts/logout/'``
+
+LOGIN_URL counterpart.
+
 MANAGERS
 --------
 
@@ -972 +996 @@
 
 It boils down to this: Use exactly one of either ``configure()`` or
 ``DJANGO_SETTINGS_MODULE``. Not both, and not neither.
+
+.. _@login_required: ../authentication/#the-login-required-decorator

docs/authentication.txt

@@ -377 +377 @@
 
 ``login_required`` does the following:
 
-    * If the user isn't logged in, redirect to ``/accounts/login/``, passing
-      the current absolute URL in the query string as ``next``. For example:
+    * If the user isn't logged in, redirect to ``"settings.LOGIN_URL"`` 
+      (``"/accounts/login/"`` by default), passing the current absolute URL
+      in the query string as ``next``. For example:
       ``/accounts/login/?next=/polls/3/``.
     * If the user is logged in, execute the view normally. The view code is
       free to assume the user is logged in.
 
-Note that you'll need to map the appropriate Django view to ``/accounts/login/``.
-To do this, add the following line to your URLconf::
+Note that you'll need to map the appropriate Django view to ``"settings.LOGIN_URL"``.
+For example, using the defaults, add the following line to your URLconf::
 
     (r'^accounts/login/$', 'django.contrib.auth.views.login'),
 
@@ -395 +396 @@
 
     * If called via ``POST``, it tries to log the user in. If login is
       successful, the view redirects to the URL specified in ``next``. If
-      ``next`` isn't provided, it redirects to ``/accounts/profile/`` (which is
-      currently hard-coded). If login isn't successful, it redisplays the login
+      ``next`` isn't provided, it redirects to ``"settings.ACCOUNT_URL"`` which 
+      defaults to ``/accounts/profile/``. If login isn't successful, it redisplays the login
       form.
 
 It's your responsibility to provide the login form in a template called