mirror of
https://github.com/django/django.git
synced 2024-12-23 01:25:58 +00:00
Standardized calling decorators on contrib.auth views.
This commit is contained in:
parent
f16a9a556f
commit
13585de7ac
@ -62,7 +62,10 @@ class RedirectURLMixin:
|
|||||||
raise ImproperlyConfigured("No URL to redirect to. Provide a next_page.")
|
raise ImproperlyConfigured("No URL to redirect to. Provide a next_page.")
|
||||||
|
|
||||||
|
|
||||||
@method_decorator(login_not_required, name="dispatch")
|
@method_decorator(
|
||||||
|
[login_not_required, sensitive_post_parameters(), csrf_protect, never_cache],
|
||||||
|
name="dispatch",
|
||||||
|
)
|
||||||
class LoginView(RedirectURLMixin, FormView):
|
class LoginView(RedirectURLMixin, FormView):
|
||||||
"""
|
"""
|
||||||
Display the login form and handle the login action.
|
Display the login form and handle the login action.
|
||||||
@ -74,9 +77,6 @@ class LoginView(RedirectURLMixin, FormView):
|
|||||||
redirect_authenticated_user = False
|
redirect_authenticated_user = False
|
||||||
extra_context = None
|
extra_context = None
|
||||||
|
|
||||||
@method_decorator(sensitive_post_parameters())
|
|
||||||
@method_decorator(csrf_protect)
|
|
||||||
@method_decorator(never_cache)
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
def dispatch(self, request, *args, **kwargs):
|
||||||
if self.redirect_authenticated_user and self.request.user.is_authenticated:
|
if self.redirect_authenticated_user and self.request.user.is_authenticated:
|
||||||
redirect_to = self.get_success_url()
|
redirect_to = self.get_success_url()
|
||||||
@ -122,6 +122,7 @@ class LoginView(RedirectURLMixin, FormView):
|
|||||||
return context
|
return context
|
||||||
|
|
||||||
|
|
||||||
|
@method_decorator([csrf_protect, never_cache], name="dispatch")
|
||||||
class LogoutView(RedirectURLMixin, TemplateView):
|
class LogoutView(RedirectURLMixin, TemplateView):
|
||||||
"""
|
"""
|
||||||
Log out the user and display the 'You are logged out' message.
|
Log out the user and display the 'You are logged out' message.
|
||||||
@ -131,11 +132,6 @@ class LogoutView(RedirectURLMixin, TemplateView):
|
|||||||
template_name = "registration/logged_out.html"
|
template_name = "registration/logged_out.html"
|
||||||
extra_context = None
|
extra_context = None
|
||||||
|
|
||||||
@method_decorator(csrf_protect)
|
|
||||||
@method_decorator(never_cache)
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
|
||||||
return super().dispatch(request, *args, **kwargs)
|
|
||||||
|
|
||||||
def post(self, request, *args, **kwargs):
|
def post(self, request, *args, **kwargs):
|
||||||
"""Logout may be done via POST."""
|
"""Logout may be done via POST."""
|
||||||
auth_logout(request)
|
auth_logout(request)
|
||||||
@ -211,7 +207,7 @@ class PasswordContextMixin:
|
|||||||
return context
|
return context
|
||||||
|
|
||||||
|
|
||||||
@method_decorator(login_not_required, name="dispatch")
|
@method_decorator([login_not_required, csrf_protect], name="dispatch")
|
||||||
class PasswordResetView(PasswordContextMixin, FormView):
|
class PasswordResetView(PasswordContextMixin, FormView):
|
||||||
email_template_name = "registration/password_reset_email.html"
|
email_template_name = "registration/password_reset_email.html"
|
||||||
extra_email_context = None
|
extra_email_context = None
|
||||||
@ -224,10 +220,6 @@ class PasswordResetView(PasswordContextMixin, FormView):
|
|||||||
title = _("Password reset")
|
title = _("Password reset")
|
||||||
token_generator = default_token_generator
|
token_generator = default_token_generator
|
||||||
|
|
||||||
@method_decorator(csrf_protect)
|
|
||||||
def dispatch(self, *args, **kwargs):
|
|
||||||
return super().dispatch(*args, **kwargs)
|
|
||||||
|
|
||||||
def form_valid(self, form):
|
def form_valid(self, form):
|
||||||
opts = {
|
opts = {
|
||||||
"use_https": self.request.is_secure(),
|
"use_https": self.request.is_secure(),
|
||||||
@ -252,7 +244,9 @@ class PasswordResetDoneView(PasswordContextMixin, TemplateView):
|
|||||||
title = _("Password reset sent")
|
title = _("Password reset sent")
|
||||||
|
|
||||||
|
|
||||||
@method_decorator(login_not_required, name="dispatch")
|
@method_decorator(
|
||||||
|
[login_not_required, sensitive_post_parameters(), never_cache], name="dispatch"
|
||||||
|
)
|
||||||
class PasswordResetConfirmView(PasswordContextMixin, FormView):
|
class PasswordResetConfirmView(PasswordContextMixin, FormView):
|
||||||
form_class = SetPasswordForm
|
form_class = SetPasswordForm
|
||||||
post_reset_login = False
|
post_reset_login = False
|
||||||
@ -263,8 +257,6 @@ class PasswordResetConfirmView(PasswordContextMixin, FormView):
|
|||||||
title = _("Enter new password")
|
title = _("Enter new password")
|
||||||
token_generator = default_token_generator
|
token_generator = default_token_generator
|
||||||
|
|
||||||
@method_decorator(sensitive_post_parameters())
|
|
||||||
@method_decorator(never_cache)
|
|
||||||
def dispatch(self, *args, **kwargs):
|
def dispatch(self, *args, **kwargs):
|
||||||
if "uidb64" not in kwargs or "token" not in kwargs:
|
if "uidb64" not in kwargs or "token" not in kwargs:
|
||||||
raise ImproperlyConfigured(
|
raise ImproperlyConfigured(
|
||||||
@ -350,18 +342,15 @@ class PasswordResetCompleteView(PasswordContextMixin, TemplateView):
|
|||||||
return context
|
return context
|
||||||
|
|
||||||
|
|
||||||
|
@method_decorator(
|
||||||
|
[sensitive_post_parameters(), csrf_protect, login_required], name="dispatch"
|
||||||
|
)
|
||||||
class PasswordChangeView(PasswordContextMixin, FormView):
|
class PasswordChangeView(PasswordContextMixin, FormView):
|
||||||
form_class = PasswordChangeForm
|
form_class = PasswordChangeForm
|
||||||
success_url = reverse_lazy("password_change_done")
|
success_url = reverse_lazy("password_change_done")
|
||||||
template_name = "registration/password_change_form.html"
|
template_name = "registration/password_change_form.html"
|
||||||
title = _("Password change")
|
title = _("Password change")
|
||||||
|
|
||||||
@method_decorator(sensitive_post_parameters())
|
|
||||||
@method_decorator(csrf_protect)
|
|
||||||
@method_decorator(login_required)
|
|
||||||
def dispatch(self, *args, **kwargs):
|
|
||||||
return super().dispatch(*args, **kwargs)
|
|
||||||
|
|
||||||
def get_form_kwargs(self):
|
def get_form_kwargs(self):
|
||||||
kwargs = super().get_form_kwargs()
|
kwargs = super().get_form_kwargs()
|
||||||
kwargs["user"] = self.request.user
|
kwargs["user"] = self.request.user
|
||||||
@ -375,10 +364,7 @@ class PasswordChangeView(PasswordContextMixin, FormView):
|
|||||||
return super().form_valid(form)
|
return super().form_valid(form)
|
||||||
|
|
||||||
|
|
||||||
|
@method_decorator(login_required, name="dispatch")
|
||||||
class PasswordChangeDoneView(PasswordContextMixin, TemplateView):
|
class PasswordChangeDoneView(PasswordContextMixin, TemplateView):
|
||||||
template_name = "registration/password_change_done.html"
|
template_name = "registration/password_change_done.html"
|
||||||
title = _("Password change successful")
|
title = _("Password change successful")
|
||||||
|
|
||||||
@method_decorator(login_required)
|
|
||||||
def dispatch(self, *args, **kwargs):
|
|
||||||
return super().dispatch(*args, **kwargs)
|
|
||||||
|
Loading…
Reference in New Issue
Block a user