How to require login to Django Generic Views?

Question

How to require login to Django Generic Views?

I want to restrict access to URLs handled by Django Generic Views.

For my views, I know that login_required decorator does the job. Also, Create / Delete / Update Generic Views accepts the login_required argument, but I could not find a way to do this for other general views.

+62

python django

hamdiakoguz Jan 26 '10 at 15:59

source share

7 answers

Django 1.9 or using django-braces

Django 1.9 introduced LoginRequiredMixin , which is used this way:

 from django.contrib.auth.mixins import LoginRequiredMixin class MyView(LoginRequiredMixin, View): login_url = '/login/' redirect_field_name = 'redirect_to'

If you are using an older version of django, you can use almost the same mixin from django-braces - the version of Django was based on the version of django-braces. django-braces 1.4.x still supports Django 1.4 , so you can use it with fairly old versions.

Old methods

I found this question during a search in order to decorate class based views, so add an answer for this:

This is described in the documentation section decorating class-based views . There is a urls.py , or you can apply a decorator to the dispatch() method. Examples from the documentation:

Decoration in URL conf

 from django.contrib.auth.decorators import login_required, permission_required from django.views.generic import TemplateView from .views import VoteView urlpatterns = patterns('', (r'^about/', login_required(TemplateView.as_view(template_name="secret.html"))), (r'^vote/', permission_required('polls.can_vote')(VoteView.as_view())), )

Class decoration

 from django.contrib.auth.decorators import login_required from django.utils.decorators import method_decorator from django.views.generic import TemplateView class ProtectedView(TemplateView): template_name = 'secret.html' @method_decorator(login_required) def dispatch(self, *args, **kwargs): return super(ProtectedView, self).dispatch(*args, **kwargs)

See the documentation linked above for more details.

+56

Hamish Downer Feb 05 '13 at 14:27

source share

General views have changed from functions to objects with version 1.3 of Django. Thus, Will McCutchen and Will Hardy require a small change to work with version 1.3:

 from django.contrib.auth.decorators import login_required from django.views.generic import TemplateView urlpatterns = patterns('', (r'^foo/$', login_required(TemplateView.as_view(template_name='foo_index.html'))), )

The documentation also describes how to do this.

+33

Brian Fisher May 05 '11 at 12:17 a.m.

source share

If you don't want to write your own thin shell around the general representations in question (as Amir suggested), you can also do something like this in your urls.py file:

 from django.conf.urls.defaults import * # Directly import whatever generic views you're using and the login_required # decorator from django.views.generic.simple import direct_to_template from django.contrib.auth.decorators import login_required # In your urlpatterns, wrap the generic view with the decorator urlpatterns = patterns('', (r'', login_required(direct_to_template), {'template': 'index.html'}), # etc )

+9

Will McCutchen Jan 26 '10 at 16:13

source share

For django 1.11 you can use LoginRequiredMixin for class based views

in the settings file you should add

 LOGIN_URL="/login/"

in your views.py

 from django.contrib.auth.mixins import LoginRequiredMixin class RestaurantLocationCreateView(LoginRequiredMixin,CreateView): ....

+3

Natiq Vahabov Aug 2 '17 at 5:55 on

source share

I need a reusable way to require authorization in many views derived from general views. I created a dispatch dispatch function that I can add to my view class just like other declarations.

 class Index(generic.ListView): model = models.HomePage dispatch = auth.dispatch

auth.dispatch is where we do the work:

 def dispatch(self, request, *args, **kw): """Mix-in for generic views""" if userSession(request): return super(self.__class__, self).dispatch(request, *args, **kw) # auth failed, return login screen response = user(request) response.set_cookie('afterauth', value=request.path_info) return response

+1

Julian May 24 '12 at a.m.

source share

Use the following:

 from django.contrib.auth.decorators import login_required @login_required def your_view(): # your code here

-one

Aamir Hussain Jan 26 '10 at 16:04

source share

Will Hardy · Accepted Answer · 2010-01-26 16:12

For Django <1.5, you can add a decorator by wrapping the function in your URLs, which allows you to wrap general views:

 from django.contrib.auth.decorators import login_required from django.views.generic.simple import direct_to_template urlpatterns = patterns('', (r'^foo/$', login_required(direct_to_template), {'template': 'foo_index.html'}), )

Function-based common views are deprecated in Django 1.4 and removed in Django 1.5. But the same principle applies, just wrap the view-based class view function with the login_required decorator:

 login_required(TemplateView.as_view(template_name='foo_index.html'))

How to require login to Django Generic Views?

Django 1.9 or using django-braces

Old methods

Decoration in URL conf

Class decoration

More articles: