#35288: login_required / user_passes_test redirects back to POST-only view ----------------------------------+-------------------------------------- Reporter: Patrick Rauscher | Owner: nobody Type: New feature | Status: closed Component: contrib.auth | Version: 5.0 Severity: Normal | Resolution: wontfix Keywords: | Triage Stage: Unreviewed Has patch: 0 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 0 Easy pickings: 0 | UI/UX: 0 ----------------------------------+-------------------------------------- Changes (by Natalia Bidart):
* resolution: => wontfix * status: new => closed * type: Bug => New feature Comment: Hello Patrick, thanks for your report and for helping making Django better. I do understand your issue though it seems a bit of a niche problem to me. I believe you could fix this by providing a custom view for the `login_url` param of the `user_passes_test` method that would redirect the user to whatever view is more appropriate than the POST-only view, particularly a view that could handle GET requests and provide a way of refreshing the session and taking the user to a suitable page to redo the POST. Also, your POST-only view could be tweaked so GET requests are allowed only when coming from a login operation, and the view itself could raise 405 for every other situation. In summary, I don't think this is a bug in Django, and I don't think the outlined issue applies to the broader ecosystem. Django is a framework designed to offer robust and accurate solutions for common scenarios, so I'll close the ticket accordingly, but if you disagree, you can consider starting a new conversation on the [https://forum.djangoproject.com/c/internals/5 Django Forum], where you'll reach a wider audience and likely get extra feedback. More information in [https://docs.djangoproject.com/en/stable/internals/contributing/bugs-and- features/#requesting-features the documented guidelines for requesting features]. -- Ticket URL: <https://code.djangoproject.com/ticket/35288#comment:1> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/0107018e2da910d1-868609a2-ab67-4494-8f5e-950d8562c4a1-000000%40eu-central-1.amazonses.com.