django 403 forbidden - redirect to login -


how can redirect user login page when confronted 403 forbidden?

consider following code:

urls.py

router = routers.defaultrouter() router.register(r'users', views.userviewset)  urlpatterns = patterns('',     url(r'^', include(router.urls)), )

views.py

class userviewset(viewsets.modelviewset):         queryset = user.objects.all()         serializer_class = userserializer          renderer_classes = (renderers.jsonrenderer, renderers.templatehtmlrenderer)         template_name='rest_framework/users.html'          def list(self, request, *args, **kwargs):             response = super(viewset, self).list(request, *args, **kwargs)             if request.accepted_renderer.format == 'html':                 return response({'request':request, 'queryset': response.data['results']})             return response

if visit /domain/users while not logged in, i'll 403 forbidden error. instead, redirect login page. in other words, never show 403 errors instead redirect directly login page.

i have tried putting:

@login_required def list(...):

but not work. assume because inside viewset.

i have tried:

def list(...):     if not request.user.is_authenticated():         return render_to_response('domain/login.html')

but again, doesn't work.

i tried various 403middlewares no avail.

i tried redirecting via handler403 handler in urls.py

handler403 = 'site.views.login'

no success.

what do?

django version: 1.5.4

you can't use standard login_required decorator on class method. have either wrap as_view() when use in url:

url(r'...', login_required(userviewset.as_view()))

or wrap decorator django.utils.decorators.method_decorator , apply class dispatch method:

from django.utils.decorators import method_decorator django.contrib.auth.decorators import login_required  class userviewset(viewsets.modelviewset): ... @method_decorator(login_required) def dispatch(self, request, *args, **kwargs):     ....

(see https://docs.djangoproject.com/en/dev/topics/class-based-views/intro/#decorating-class-based-views)

for class-based views can incorporate reusable permissionrequiredmixin - see https://stackoverflow.com/a/6455140/839875

alternatively can raise django.core.exceptions.permissiondenied exception django catch django.views.defaults.permission_denied

(see https://docs.djangoproject.com/en/1.5/topics/http/views/#the-403-http-forbidden-view)


Comments

Post a Comment

Popular posts from this blog

user interface - How to replace the Python logo in a Tkinter-based Python GUI app? -

is there way change default logo, python logo , appears in window's task bar? notice have replaced default tk logo used appear in application window. i using windows 7 , python 2.6 , developing gui of tkinter. you can using winico tk extension package. winico package can used add system tray icons tk programs. the following sample shows 1 way change runtime application icon. note need provide .ico file suitable sizes of icons in on command line , need use pythonw. not change taskbar icon console when running python script. test extracted winico0.6 package python\tcl\winico0.6 folder package require winico work , ran code below using pythonw winico_test.py path\to\some\ico\file.ico . import sys tkinter import * def main(argv): root = tk() root.update() root.tk.call('package','require','winico') id = root.tk.call('winico','createfrom',argv[1]) root.tk.call('winico','setwindow',root,id...
Read more

android - Get AccessToken using signpost OAuth without opening a browser (Two legged Oauth) -

i using signpost oauth access data magento server. have read various tutorials on same , reach point open browser user can enter credentials. however, per requirement have automate part. hence, user should not browser page. have set-up done on server side ( magento ), hit url , returned call page. same through program in android. i have tried below, consumer = new commonshttpoauthconsumer(key, secret); provider = new commonshttpoauthprovider(oauth_init_url,access_token_url, authorize_url); try { provider.retrieverequesttoken(consumer, oauth.out_of_band); log.d("tokens" , consumer.gettoken() + " -- " + consumer.gettokensecret()); } and request tokens. dont know how bypass next step. tried directly accessing accesstoken (stupid of me) provider.retrieveaccesstoken(consumer, "mycallback://callback"); no luck, ends in oauth.signpost.exception.oauthnotauthorizedexception: authorization failed (server replied 401). ...
Read more

org.mockito.exceptions.misusing.InvalidUseOfMatchersException: mockito -

getting error org.mockito.exceptions.misusing.invaliduseofmatchersexception: invalid use of argument matchers! 1 matchers expected, 2 recorded. exception may occur if matchers combined raw values: //incorrect: somemethod(anyobject(), "raw string"); when using matchers, arguments have provided matchers. example: //correct: somemethod(anyobject(), eq("string matcher")); at when( getprogramservice .callservice(any(getprogramtype.class))) .thenreturn(jaxbresponse); please explain error , possible resolution the code posted looks fine; don't see problem it. code before or above causing exception. key here: invalid use of argument matchers! 1 matchers expected, 2 recorded. any , used above, doesn't return "special kind of null" or "special kind of getprogramtype"; don't exist. instead, returns null , side effect puts matcher on stack. whe...
Read more