Hello,
First of all thanks for your answer !
I think that the name I gave "index.html" is causing confusion. In
fact that's the first view I created and so the only template I have
at the moment and I awkwardly named it index.html, It should be named
signup.html or something like that. I'm not looking to handle log in
and logout here, just making sure that a logged user cannot sign-up
again ( which would be a nonsense and in my opinion a flaw ),this is
my signup form view which is located at /subscribe/.
Is it better with these explications or does the approach I'm taking
still feel weird ?
Nolhian
On Nov 24, 1:37 pm, Ivo Brodien <i...@brodien.de> wrote:
> DrBloodMoney is right, It is kind of odd how you are solving the problem but
> it might me kind of right depending on what you are trying to do.
>
> Considering how most of the websites work you should do this.
>
> In all the templates include another template which does this:
>
> {% if not user.is_authenticated %}
> LINK Login | Link Sign Up
> {% else %}
> Logged in as username | Link Logout
> {% endif %}
>
> Logout, Login and Sign Up are handled by different urls/views and not the
> index or any other view
>
> if you want to make a view available only to authenticated users, use the
> @login_required decorator.[2]
>
> If you are using the provided django.auth system the views for login, logout
> are already there. In the settings you can define some behavior.
>
> See the settings LOGIN_REDIRECT_URL, LOGIN_URL, LOGOUT_URL [1]
>
> [1]https://docs.djangoproject.com/en/1.3/ref/settings/#login-url
> [2]https://docs.djangoproject.com/en/1.3/topics/auth/#the-login-required...
>
> On Nov 24, 2011, at 3:31 , Nolhian wrote:
>
>
>
>
>
>
>
> >> This seems all sorts of wrong to me. Why couldn't the user just log
> >> out and then post? Seems like an odd workflow, but I don't know your
> >> business-case here.
>
> > Yes the user can just log out and then post but since this is a sign-
> > up form it would seem logical to not be able to sign-up if the user is
> > logged in which means he already has an account.
>
> >> You could always control what is shown to the user in the template (to
> >> limit their ability to use your form to post to the view) with
>
> >> {% if not user.is_authenticated %}
> >> SHOW FORM
> >> {% else %}
> >> you're logged in so you can't post
> >> {% endif %}
>
> > That's kind of what I'm doing but I still need to check somewhere in
> > the view if the user is logged in. If I don't the user can open the
> > sign-up form page, then open another page of the site and log in, then
> > switch back to the sign-up form page, send the form ( which will be
> > validated in the view since there's no checking if the user is
> > authenticated or not there ) and successfully sign-up again WHILE
> > being logged in. To be able to do that just seems wrong to me.
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Django users" group.
> > To post to this group, send email to django-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> > django-users+unsubscr...@googlegroups.com.
> > For more options, visit this group
> > athttp://groups.google.com/group/django-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
