> This seems all sorts of wrong to me. Why couldn't the user just log
> out and then post? Seems like an odd workflow, but I don't know your
> business-case here.
Yes the user can just log out and then post but since this is a sign-
up form it would seem logical to not be able to sign-up if the user is
logged in which means he already has an account.
> You could always control what is shown to the user in the template (to
> limit their ability to use your form to post to the view) with
>
> {% if not user.is_authenticated %}
> SHOW FORM
> {% else %}
> you're logged in so you can't post
> {% endif %}
That's kind of what I'm doing but I still need to check somewhere in
the view if the user is logged in. If I don't the user can open the
sign-up form page, then open another page of the site and log in, then
switch back to the sign-up form page, send the form ( which will be
validated in the view since there's no checking if the user is
authenticated or not there ) and successfully sign-up again WHILE
being logged in. To be able to do that just seems wrong to me.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
