Open jonroberts opened 10 years ago
Updated views.py for checking the authentication of the user
Excellent.
Let's break this down into a decorator so we can easily attach the requirement to all the views we want to keep protected.
Here's an example structure for a decorator in python:
def confirm_required(template_name, context_creator, key='__confirm__'):
def decorator(func):
def inner(request, *args, **kwargs):
if request.POST.has_key(key):
return func(request, *args, **kwargs)
else:
context = context_creator and context_creator(request, *args, **kwargs) \
or RequestContext(request)
return render_to_response(template_name, context)
return wraps(func)(inner)
return decorator
This would then be used on a function in the following way:
@confirm_required('campaigns/delete_map_confirm.html', delete_map_context)
def delete_map(request, owner_name, campaign_id, map_id):
...
It's very modular and can be re-used over and over again on different views. Here's a decent primer on python decorators. They're really handy.
We need to change the views.py for all the form views so that they redirect to the login page when one of the add/edit/delete pages is visited by a non-logged in user.
Ideally this should be a decorator we can just add to view functions.
We also need to alter the base template so that the nav menu only shows the +dataset and +scientist when the user is logged in.
This uses the template conditional: