Django Login Required Not Redirecting Properly

Question

So I am trying to add a @login_required decorator on my pages that aren't the login page, but when I try to login and redirect to a different page, it does not redirect. I got to my url, then login, and then it adds the /?next=/redirect_page/. So it goes from www.example.com to www.example.com/?next=/redirect_page/ even though it should see that it is logged in and redirect, not add the next part. Below is my code.

home.html:

<form method="post" class="form-signin" action="{% url 'index' %}">
    {% csrf_token %}
    <input type="hidden" name="next" value="{{ next }}" />
    <h2 class="form-signin-heading">Please Sign In</h2>
    {% bootstrap_form form %}
    {% buttons %}
    <button type="submit" class="btn btn-primary">Submit</button>
    {% endbuttons %}
</form>

home/views.py:

from django.shortcuts import render
from django.http import HttpResponseRedirect
from django.contrib.auth import authenticate

from .forms import SignInForm


def index(request):
    # if this is a POST request we need to process the form data
    if request.method == 'POST':
        # create a form instance and populate it with data from the request:
        form = SignInForm(request.POST)
        # check whether it's valid:
        if form.is_valid():
            # process the data in form.cleaned_data as required
            user = authenticate(username=request.POST.get('username', None), password=request.POST.get('password', None))
            if user is not None:
                return HttpResponseRedirect('/redirect_page/')
            else:
                form = SignInForm()

    # if a GET (or any other method) we'll create a blank form
    else:
        form = SignInForm()

    return render(request, "home/home.html", {'form': form})

redirect_page/views.py:

from django.shortcuts import get_object_or_404, render
from django.contrib.auth.decorators import login_required

from .models import Table


@login_required
def index(request):
    stuff = Table.objects.all()
    context = {"stuff": stuff,}
    return render(request, "redirect_page/index.html", context)


@login_required
def stuff(request, stuff_id):
    stuff = get_object_or_404(Table, pk=word_id)
    return render(request, "redirect_page/detail.html", {"stuff": stuff})

What am I doing wrong?

Answer 1

You have authenticated the user, but you have not logged them in. You need to add login(request, user) to the view.

from django.contrib.auth import authenticate, login

def index(request):
    ...
    if form.is_valid():
        # process the data in form.cleaned_data as required
        user = authenticate(username=request.POST.get('username', None), password=request.POST.get('password', None))
        if user is not None:
            login(request, user)
            return HttpResponseRedirect('/redirect_page/')
        ...

See the docs on how to log a user in for more info.

Note that you shouldn't put form = SignInForm() in the else block when the form isn't valid. This replaces the bound form (which might have useful error messages) with an empty form.

Answer 2

In case you have not specified LOGIN_URL variable in your settings do so. It should work post that.