Fixed #24501 -- Improved auth.decorators.user_passes_test() example.

2025-10-31 09:41:08 +00:00 · 2015-03-22 10:47:18 +00:00
parent 13bc311cdb
commit fca14cd3f2
1 changed files with 9 additions and 4 deletions
--- a/docs/topics/auth/default.txt
+++ b/docs/topics/auth/default.txt
@@ -402,11 +402,12 @@ The simple, raw way to limit access to pages is to check
 <django.contrib.auth.models.User.is_authenticated()>` and either redirect to a
 login page::

+    from django.conf import settings
    from django.shortcuts import redirect

    def my_view(request):
        if not request.user.is_authenticated():
-            return redirect('/login/?next=%s' % request.path)
+            return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))
        # ...

 ...or display an error message::
@@ -503,16 +504,20 @@ essentially the same thing as described in the previous section.

 The simple way is to run your test on :attr:`request.user
 <django.http.HttpRequest.user>` in the view directly. For example, this view
-checks to make sure the user has an email in the desired domain::
+checks to make sure the user has an email in the desired domain and if not,
+redirects to the login page::
+
+    from django.shortcuts import redirect

    def my_view(request):
        if not request.user.email.endswith('@example.com'):
-            return HttpResponse("You can't vote in this poll.")
+            return redirect('/login/?next=%s' % request.path)
        # ...

 .. function:: user_passes_test(func, [login_url=None, redirect_field_name=REDIRECT_FIELD_NAME])

-    As a shortcut, you can use the convenient ``user_passes_test`` decorator::
+    As a shortcut, you can use the convenient ``user_passes_test`` decorator
+    which performs a redirect when the callable returns ``False``::

        from django.contrib.auth.decorators import user_passes_test