When writing views, it's obviously a good practice - if not mandatory - to use the @login_required decorator.
BUT - that only checks for authenticates users of
from django.contrib.auth.models import User
What I want to accomplish is to also check that the User exists as a UserProfile. In my app, for instance, I have some UserProfiles. All have User objects related to them, ofcourse. but I also have other users which don't have a UserProfile. Such user is my admin user. I want to make sure that requests come from users who have UserProfiles (and that are authenticated).
Is there a way to change the decorator to support that? Currently I just wrote my own code to do that:
def user_login(request):
context = context = RequestContext(request)
if request.method == 'POST':
username = request.POST['username']
password = request.POST['password']
try:
user = authenticate(username=username, password=password)
user_profile = user.userprofile
except (ObjectDoesNotExist,AttributeError) as e:
# username and password only prompted for debug purposes.
error_msg = "Invalid login details: {0}, {1}".format(username, password)
print (error_msg)
# print (request)
# return HttpResponse("Invalid login details supplied.")
return render(request, 'bz/login.html', {'error_msg': error_msg})
if user and user_profile:
if user.is_active:
login(request,user)
# return HttpResponse("You're now logged in as " + username)
# return render(request, 'bz/index.html', {})
return render(request, 'bz/index.html', {'userprofile': user_profile})
# return HttpResponseRedirect('bz/login.html')
else:
error_msg = "Your account is disabled"
print (error_msg)
return render(request, 'bz/login.html', {'error_msg': error_msg})
# return HttpResponse(error_msg)
else:
error_msg = "Invalid login details: {0}, {1}".format(username, password)
print (error_msg)
return render(request, 'bz/login.html', {'error_msg': error_msg})
# return HttpResponse("Invalid login details supplied.")
else:
if request.user.is_authenticated():
return render(request, 'bz/index.html', {})
else:
return render(request, 'bz/login.html', {})
Your input would be very much appreciated. Thank you.
You can use the
user_passes_test
decorator to take a function that checks the user profilee.g.