Search code examples

Django:How can I prevent authenticated user from both register and login page in Django-registration-redux

I am currently using Django-registration-redux for my authentication system. Already logged in user can visit the login and registration page again; which is not good enough. How can I prevent them from this since the comes by default in Django-registration-redux I think that should be done in the that come with Django-registration-redux

Here is the

Views which allow users to create and activate accounts.


from django.shortcuts import redirect
from django.views.generic.base import TemplateView
from django.views.generic.edit import FormView
from django.conf import settings
from django.utils.decorators import method_decorator
from django.views.decorators.debug import sensitive_post_parameters
    from django.utils.module_loading import import_string
except ImportError:
    from registration.utils import import_string

from registration import signals
# from registration.forms import RegistrationForm

REGISTRATION_FORM_PATH = getattr(settings, 'REGISTRATION_FORM', 'registration.forms.RegistrationFormUniqueEmail')

class _RequestPassingFormView(FormView):
    A version of FormView which passes extra arguments to certain
    methods, notably passing the HTTP request nearly everywhere, to
    enable finer-grained processing.

    def get(self, request, *args, **kwargs):
        # Pass request to get_form_class and get_form for per-request
        # form control.
        form_class = self.get_form_class(request)
        form = self.get_form(form_class)
        return self.render_to_response(self.get_context_data(form=form))

    def post(self, request, *args, **kwargs):
        # Pass request to get_form_class and get_form for per-request
        # form control.
        form_class = self.get_form_class(request)
        form = self.get_form(form_class)
        if form.is_valid():
            # Pass request to form_valid.
            return self.form_valid(request, form)
            return self.form_invalid(form)

    def get_form_class(self, request=None):
        return super(_RequestPassingFormView, self).get_form_class()

    def get_form_kwargs(self, request=None, form_class=None):
        return super(_RequestPassingFormView, self).get_form_kwargs()

    def get_initial(self, request=None):
        return super(_RequestPassingFormView, self).get_initial()

    def get_success_url(self, request=None, user=None):
        # We need to be able to use the request and the new user when
        # constructing success_url.
        return super(_RequestPassingFormView, self).get_success_url()

    def form_valid(self, form, request=None):
        return super(_RequestPassingFormView, self).form_valid(form)

    def form_invalid(self, form, request=None):
        return super(_RequestPassingFormView, self).form_invalid(form)

class RegistrationView(_RequestPassingFormView):
    Base class for user registration views.

    disallowed_url = 'registration_disallowed'
    form_class = REGISTRATION_FORM
    http_method_names = ['get', 'post', 'head', 'options', 'trace']
    success_url = None
    template_name = 'registration/registration_form.html'

    @method_decorator(sensitive_post_parameters('password1', 'password2'))
    def dispatch(self, request, *args, **kwargs):
        Check that user signup is allowed before even bothering to
        dispatch or do other processing.

        if not self.registration_allowed(request):
            return redirect(self.disallowed_url)
        return super(RegistrationView, self).dispatch(request, *args, **kwargs)

    def form_valid(self, request, form):
        new_user = self.register(request, form)
        success_url = self.get_success_url(request, new_user)

        # success_url may be a simple string, or a tuple providing the
        # full argument set for redirect(). Attempting to unpack it
        # tells us which one it is.
            to, args, kwargs = success_url
            return redirect(to, *args, **kwargs)
        except ValueError:
            return redirect(success_url)

    def registration_allowed(self, request):
        Override this to enable/disable user registration, either
        globally or on a per-request basis.

        return True

    def register(self, request, form):
        Implement user-registration logic here. Access to both the
        request and the full cleaned_data of the registration form is
        available here.

        raise NotImplementedError

class ActivationView(TemplateView):
    Base class for user activation views.

    http_method_names = ['get']
    template_name = 'registration/activate.html'

    def get(self, request, *args, **kwargs):
        activated_user = self.activate(request, *args, **kwargs)
        if activated_user:
            success_url = self.get_success_url(request, activated_user)
                to, args, kwargs = success_url
                return redirect(to, *args, **kwargs)
            except ValueError:
                return redirect(success_url)
        return super(ActivationView, self).get(request, *args, **kwargs)

    def activate(self, request, *args, **kwargs):
        Implement account-activation logic here.

        raise NotImplementedError

    def get_success_url(self, request, user):
        raise NotImplementedError

Here is my main/project

urlpatterns = [
    url( 'admin/',,
    url(r'^$', views.home, name='homepage'),
    url(r'^user/', include('User.urls')),
    #url(r'^accounts/register/$', MyRegistrationView.as_view(), 
]+ static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

Thanks, any help will be appreciated

Below are the file showing identation error indentaion error views file


  • In the dispatch method of your views you can check if the user is authenticated and redirect them to another page, for example:

    class RegistrationView(_RequestPassingFormView):
        @method_decorator(sensitive_post_parameters('password1', 'password2'))
        def dispatch(self, request, *args, **kwargs):
            Check that user signup is allowed before even bothering to
            dispatch or do other processing.
            if request.user.is_authenticated:
                return redirect('some_url')
            if not self.registration_allowed(request):
                return redirect(self.disallowed_url)
            return super(RegistrationView, self).dispatch(request, *args, **kwargs)

    The if user.is_authenticated prevents both logged-in and not-logged-in user from accessing the registration page.

    class RegistrationView(_RequestPassingFormView):
        Base class for user registration views.
        disallowed_url = 'registration_disallowed'
        form_class = REGISTRATION_FORM
        http_method_names = ['get', 'post', 'head', 'options', 'trace']
        success_url = None
        template_name = 'registration/registration_form.html'
        @method_decorator(sensitive_post_parameters('password1', 'password2'))
        def dispatch(self, request, *args, **kwargs):
            Check that user signup is allowed before even bothering to
            dispatch or do other processing.
            if self.request.user.is_authenticated:
                return redirect('/')
            if not self.registration_allowed(request):
                return redirect(self.disallowed_url)
            return super(RegistrationView, self).dispatch(request, *args, **kwargs)
        def form_valid(self, request, form):
            new_user = self.register(request, form)
            success_url = self.get_success_url(request, new_user)
            # success_url may be a simple string, or a tuple providing the
            # full argument set for redirect(). Attempting to unpack it
            # tells us which one it is.
                to, args, kwargs = success_url
                return redirect(to, *args, **kwargs)
            except ValueError:
                return redirect(success_url)
        def registration_allowed(self, request):
            Override this to enable/disable user registration, either
            globally or on a per-request basis.
            return True
        def register(self, request, form):
            Implement user-registration logic here. Access to both the
            request and the full cleaned_data of the registration form is
            available here.
            raise NotImplementedError