1

I have a view which requires a user to be logged in. It writes some data to the database so I look for the form submission using request.method == 'POST'

The flow goes like this: If users are not logged in, they're redirected to the login page. After logging in, I then redirect them to my initial view using the next parameter. The problem is that the redirect is no longer a POST but a GET.

How do I make this request a POST? Should I use some other pattern to do this?

EDIT: Here's the kind of view that I have:

@login_required
def some_view(request):
    if request.method == 'POST':
        # Do something
        return HttpResponseRedirect('some_url')
Abid A
  • 7,588
  • 4
  • 32
  • 32
  • 1
    Can it help? http://stackoverflow.com/questions/1345892/external-django-redirect-with-post-parameters – imkost Mar 15 '13 at 17:46
  • @imkost Very hacky. I could do that but I'm wondering if there's a cleaner option. – Abid A Mar 15 '13 at 17:54

2 Answers2

5
  1. You probably shouldn't let them post until they are authenticated.
  2. If you HAD to accept POST from an unauthenticated user, BUT needed the user to login before doing some commit action...

I would do something along the lines of this:

def my_view(request):
    if not request.user.is_authenticated():
        if request.method == "POST":
            request.session['post'] = request.POST
        redirect_to_login(request.path)
    else :
        if request.method == "POST":
            form = form_class(request.POST, request.FILES)
            if form.is_valid():
                # DO STUFF
        else:
            form = form_class(initial=request.session['post'] if 'post' in request.session else {})

essentially, save the unauthenticated post data into your session and use them as the initial data for the form wen you redirect the user. Yes, they are going to have to review/hit the submit button again, but I think thats preferable to automatically passing the session dictionary through the is_valid function of the form.

Francis Yaconiello
  • 10,829
  • 2
  • 35
  • 54
0

Here is the usual pattern for things like that:

@login_required
def some_view(request):
    if request.method == 'POST':
        form = form_class(request.POST, request.FILES)
        if form.is_valid():
             # process form
             return HttpResponseRedirect('some_url')
    else:
        form = form_class()
    return render_to_response('template', {'form':form})

This requires user to be logged in to access the view. Once the user is logged in, he/she accesses the view using GET method. This displays the form to the user. Then after he submits the form using POST, it is validated. If form is valid, then you return a redirect and if it is not valid, notice that the invalid form will be passed to the same template as for GET, hence allowing you to display errors.

miki725
  • 27,207
  • 17
  • 105
  • 121
  • I get that. However, my use-case involves submitting the form to your view without being logged in and I would like to continue with that form submission after they've logged in. – Abid A Mar 15 '13 at 17:53
  • Oh. I misunderstood your question then. – miki725 Mar 15 '13 at 18:04