django 403 forbidden - redirect to login -


how can redirect user login page when confronted 403 forbidden?

consider following code:

urls.py

router = routers.defaultrouter() router.register(r'users', views.userviewset)  urlpatterns = patterns('',     url(r'^', include(router.urls)), )

views.py

class userviewset(viewsets.modelviewset):         queryset = user.objects.all()         serializer_class = userserializer          renderer_classes = (renderers.jsonrenderer, renderers.templatehtmlrenderer)         template_name='rest_framework/users.html'          def list(self, request, *args, **kwargs):             response = super(viewset, self).list(request, *args, **kwargs)             if request.accepted_renderer.format == 'html':                 return response({'request':request, 'queryset': response.data['results']})             return response

if visit /domain/users while not logged in, i'll 403 forbidden error. instead, redirect login page. in other words, never show 403 errors instead redirect directly login page.

i have tried putting:

@login_required def list(...):

but not work. assume because inside viewset.

i have tried:

def list(...):     if not request.user.is_authenticated():         return render_to_response('domain/login.html')

but again, doesn't work.

i tried various 403middlewares no avail.

i tried redirecting via handler403 handler in urls.py

handler403 = 'site.views.login'

no success.

what do?

django version: 1.5.4

you can't use standard login_required decorator on class method. have either wrap as_view() when use in url:

url(r'...', login_required(userviewset.as_view()))

or wrap decorator django.utils.decorators.method_decorator , apply class dispatch method:

from django.utils.decorators import method_decorator django.contrib.auth.decorators import login_required  class userviewset(viewsets.modelviewset): ... @method_decorator(login_required) def dispatch(self, request, *args, **kwargs):     ....

(see https://docs.djangoproject.com/en/dev/topics/class-based-views/intro/#decorating-class-based-views)

for class-based views can incorporate reusable permissionrequiredmixin - see https://stackoverflow.com/a/6455140/839875

alternatively can raise django.core.exceptions.permissiondenied exception django catch django.views.defaults.permission_denied

(see https://docs.djangoproject.com/en/1.5/topics/http/views/#the-403-http-forbidden-view)


Comments

Post a Comment

Popular posts from this blog

android - Get AccessToken using signpost OAuth without opening a browser (Two legged Oauth) -

i using signpost oauth access data magento server. have read various tutorials on same , reach point open browser user can enter credentials. however, per requirement have automate part. hence, user should not browser page. have set-up done on server side ( magento ), hit url , returned call page. same through program in android. i have tried below, consumer = new commonshttpoauthconsumer(key, secret); provider = new commonshttpoauthprovider(oauth_init_url,access_token_url, authorize_url); try { provider.retrieverequesttoken(consumer, oauth.out_of_band); log.d("tokens" , consumer.gettoken() + " -- " + consumer.gettokensecret()); } and request tokens. dont know how bypass next step. tried directly accessing accesstoken (stupid of me) provider.retrieveaccesstoken(consumer, "mycallback://callback"); no luck, ends in oauth.signpost.exception.oauthnotauthorizedexception: authorization failed (server replied 401). ...
Read more

org.mockito.exceptions.misusing.InvalidUseOfMatchersException: mockito -

getting error org.mockito.exceptions.misusing.invaliduseofmatchersexception: invalid use of argument matchers! 1 matchers expected, 2 recorded. exception may occur if matchers combined raw values: //incorrect: somemethod(anyobject(), "raw string"); when using matchers, arguments have provided matchers. example: //correct: somemethod(anyobject(), eq("string matcher")); at when( getprogramservice .callservice(any(getprogramtype.class))) .thenreturn(jaxbresponse); please explain error , possible resolution the code posted looks fine; don't see problem it. code before or above causing exception. key here: invalid use of argument matchers! 1 matchers expected, 2 recorded. any , used above, doesn't return "special kind of null" or "special kind of getprogramtype"; don't exist. instead, returns null , side effect puts matcher on stack. whe...
Read more

google shop client API returns 400 bad request error while adding an item -

i'm working on solution add items in google shopping market java application. following tutorial real mess because of missing classes of laste release, after setting 1.5-beta maven managed make base example typecheck correctly classes. still can make simple task of adding 1 item. instead of posting whole code i'm posting part creates product feed. private product createproduct(string id) { product product = new product(); product.title = "red wool sweater"; product.content = new content( "text", "comfortable , soft, sweater keep warm on " + "cold winter nights. red , blue stripes."); product.appcontrol = new appcontrol(); product.appcontrol.addrequireddestination("productads"); product.externalid = id; product.lang = "it"; product.country = "it"; product.condition = "nuovo"; product.price = new price("eu...
Read more