Hello, First of all thanks for your answer ! I think that the name I gave "index.html" is causing confusion. In fact that's the first view I created and so the only template I have at the moment and I awkwardly named it index.html, It should be named signup.html or something like that. I'm not looking to handle log in and logout here, just making sure that a logged user cannot sign-up again ( which would be a nonsense and in my opinion a flaw ),this is my signup form view which is located at /subscribe/.
Is it better with these explications or does the approach I'm taking still feel weird ? Nolhian On Nov 24, 1:37 pm, Ivo Brodien <i...@brodien.de> wrote: > DrBloodMoney is right, It is kind of odd how you are solving the problem but > it might me kind of right depending on what you are trying to do. > > Considering how most of the websites work you should do this. > > In all the templates include another template which does this: > > {% if not user.is_authenticated %} > LINK Login | Link Sign Up > {% else %} > Logged in as username | Link Logout > {% endif %} > > Logout, Login and Sign Up are handled by different urls/views and not the > index or any other view > > if you want to make a view available only to authenticated users, use the > @login_required decorator.[2] > > If you are using the provided django.auth system the views for login, logout > are already there. In the settings you can define some behavior. > > See the settings LOGIN_REDIRECT_URL, LOGIN_URL, LOGOUT_URL [1] > > [1]https://docs.djangoproject.com/en/1.3/ref/settings/#login-url > [2]https://docs.djangoproject.com/en/1.3/topics/auth/#the-login-required... > > On Nov 24, 2011, at 3:31 , Nolhian wrote: > > > > > > > > >> This seems all sorts of wrong to me. Why couldn't the user just log > >> out and then post? Seems like an odd workflow, but I don't know your > >> business-case here. > > > Yes the user can just log out and then post but since this is a sign- > > up form it would seem logical to not be able to sign-up if the user is > > logged in which means he already has an account. > > >> You could always control what is shown to the user in the template (to > >> limit their ability to use your form to post to the view) with > > >> {% if not user.is_authenticated %} > >> SHOW FORM > >> {% else %} > >> you're logged in so you can't post > >> {% endif %} > > > That's kind of what I'm doing but I still need to check somewhere in > > the view if the user is logged in. If I don't the user can open the > > sign-up form page, then open another page of the site and log in, then > > switch back to the sign-up form page, send the form ( which will be > > validated in the view since there's no checking if the user is > > authenticated or not there ) and successfully sign-up again WHILE > > being logged in. To be able to do that just seems wrong to me. > > > -- > > You received this message because you are subscribed to the Google Groups > > "Django users" group. > > To post to this group, send email to django-users@googlegroups.com. > > To unsubscribe from this group, send email to > > django-users+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/django-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.