search

CleanData / data-network

An app for the visualisation of connections between datasets
BSD 2-Clause "Simplified" License
0 stars 0 forks source link

Adding user-logged-in check #9

Open jonroberts opened 10 years ago

jonroberts commented 10 years ago

We need to change the views.py for all the form views so that they redirect to the login page when one of the add/edit/delete pages is visited by a non-logged in user.

    if request.user.is_authenticated():
        return redirect('<view name>',<arguments>)

Ideally this should be a decorator we can just add to view functions.

We also need to alter the base template so that the nav menu only shows the +dataset and +scientist when the user is logged in.

This uses the template conditional:

{% if user.is_authenticated %}
eventuallyc0nsistent commented 10 years ago

Updated views.py for checking the authentication of the user

jonroberts commented 10 years ago

Excellent.

Let's break this down into a decorator so we can easily attach the requirement to all the views we want to keep protected.

Here's an example structure for a decorator in python:

def confirm_required(template_name, context_creator, key='__confirm__'):
    def decorator(func):
        def inner(request, *args, **kwargs):
            if request.POST.has_key(key):
                return func(request, *args, **kwargs)
            else:
                context = context_creator and context_creator(request, *args, **kwargs) \
                    or RequestContext(request)
                return render_to_response(template_name, context)
        return wraps(func)(inner)
    return decorator

This would then be used on a function in the following way:

@confirm_required('campaigns/delete_map_confirm.html', delete_map_context)
def delete_map(request, owner_name, campaign_id, map_id):
    ...

It's very modular and can be re-used over and over again on different views. Here's a decent primer on python decorators. They're really handy.