Regarding the first question, you can do this by creating a middleware
class which checks for authenticated users by default. You could also
created a decorator to tag view functions as public. For example...
in file yourproject/yourapp/middleware.py:
from django.conf import settings
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponseRedirect
from urllib import quote
def allow_anonymous(view_func):
view_func.allow_anonymous = True
return view_func
class RequireLogin:
def process_view(self, request, view_func, view_args,
view_kwargs):
if not getattr(view_func, 'allow_anonymous', False) and not
request.user.is_authenticated():
return HttpResponseRedirect('%s?%s=%s' % (settings.LOGIN_URL,
REDIRECT_FIELD_NAME, quote(request.get_full_path())))
Then add 'yourproject.yourapp.middleware.RequireLogin' to
MIDDLEWARE_CLASSES in settings.py.
Now you can use it in your view:
from yourproject.yourapp.middleware import allow_anonymous
def some_private_view(request):
# won't be accessible unless user is logged in
return HttpResponse('Hello, user!')
@allow_anonymous
def some_public_view(request):
return HttpResponse('Hello, world!')
eXt wrote:
> Hi all!
>
> I build an application which will use Django's authentication
> system. This is my first Django application that uses auth system, so
> sorry if the questions below are trivial.
>
> 1. Do I have to decorate all views with login_required if I want to
> keep them secured? Isn't there any inversed method which will secure
> all views by default, and I will only enable some of them to public?
>
> 2. My use case is that I need to save ip addresses of users who are
> logging into my application. First thing is how to extend user model,
> but I think that I found the proper solution in Django Book (user
> profile). Second thing is what to do to catch 'logging in' event to be
> able to read an ip from request and save it (even if the
> authentication isn't successful)? Is it possible to set an event on
> existing login method (django.contrib.auth.views.login), or should I
> do something different, for example write my own login view?
>
> Hmm.. thats all :)
>
> Thanks in advance.
>
> --
> Jakub Wisniowski
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
