New Mixin: AnonymousUserOnlyMixin #89

Closed
wants to merge 4 commits into
from

Projects

None yet

5 participants

@epicbagel
Contributor

New mixin redirect authenticated users to a specified URL. This can be useful for preventing authenticated users accessing signup pages or redirecting them to their dashboard if they arrive on the home page.

epicbagel added some commits Nov 1, 2013
@epicbagel epicbagel AuthorizedRedirectMixin
View mixin which redirects to a specified URL if authenticated. Can be
useful if you wanted to prevent authenticated users from accessing
signup pages etc.
38f4b8d
@epicbagel epicbagel Added tests for AnonymousUserOnlyMixin (previously AuthorizedRedirect…
…Mixin).
77bfd40
@epicbagel epicbagel Cleanup of renaming for AnonymousUserOnlyView dfe99db
@yetty
yetty commented Dec 1, 2013

+1

@yetty yetty and 1 other commented on an outdated diff Dec 1, 2013
braces/views.py
+ View mixin which redirects to a specified URL if authenticated.
+ Can be useful if you wanted to prevent authenticated users from
+ accessing signup pages etc.
+
+ NOTE:
+ This should be the left-most mixin of a view.
+
+ Example Usage
+
+ class SomeView(AnonymousUserOnlyMixin, ListView):
+ ...
+ # required
+ authenticated_redirect_url = "/dashboard/"
+ ...
+ """
+ authenticated_redirect_url = None # Default the authenticated redirect url to none
@yetty
yetty Dec 1, 2013

Maybe it would be useful to use settings.LOGIN_REDIRECT_URL as default value instead of None.

@kennethlove
kennethlove Jan 5, 2014 Member

@yetty: But it's for anonymous users, why would you redirect logged-in users to the login page?

@yetty
yetty Jan 5, 2014

@kennethlove Look at https://docs.djangoproject.com/en/dev/ref/settings/#login-redirect-url . settings.LOGIN_REDIRECT_URL is NOT login page, but the page after successful log in.

@kennethlove
kennethlove Jan 5, 2014 Member

@yetty OK, but even then, they're already authenticated and shouldn't be, for this mixin. Seems odd to redirect them somewhere other than a 'log out to see this page' view.

Ultimately, it's the contributor's job to tell us if we're thinking correctly about it :) So, @epicbagel, please shed some light on this.

@yetty
yetty Jan 5, 2014

@kennethlove My most common usage for this mixin is for login and registration view. If users are already logged in I would suppose to redirect them to the same page to which they are redirected after log in / registration.

I would appreciate some default value - not raising exception if authenticated_redirect_url is missing. Imho even E403 would be better than exception.

Not really important for me, but I think it would be nice to be consistent with Django. Just an idea, how to improve it :) Thanks anyway for merging this mixin! 👍

@kennethlove
kennethlove Jan 6, 2014 Member

Yeah, that use-case makes sense. And that use of the setting makes sense, too. Probably want to do it how the AccessMixin does, though, so it's overridable in your class. And, like the comment below, it should probably be renamed to AnonymousRequiredMixin.

Anyway, my plan is to put this into 1.4 in a month or two. Good work everyone.

@ergusto
ergusto commented Dec 26, 2013

+1 Although I'd suggest renaming it to AnonymousRequiredMixin to keep in line with how the other mixins are named.

@kennethlove kennethlove commented on an outdated diff Jan 5, 2014
tests/test_access_mixins.py
@@ -126,6 +127,31 @@ def test_authenticated(self):
assert resp.status_code == 200
assert force_text(resp.content) == 'OK'
+
+class TestAnonymousUserOnlyMixin(TestViewHelper, test.TestCase):
+ """
+ Tests for AnonymousUserOnlyMixin.
+ """
+ view_class = AnonymousUserOnlyView
+ view_url = '/unauthanticated_view/'
@kennethlove
kennethlove Jan 5, 2014 Member

I'd like to see a test that uses reverse_lazy here, too, to verify that it works with this mixin.

@kennethlove
kennethlove Jan 5, 2014 Member

also, authEnticated

@kennethlove kennethlove commented on an outdated diff Jan 5, 2014
tests/urls.py
@@ -6,6 +6,10 @@
'',
# LoginRequiredMixin tests
url(r'^login_required/$', views.LoginRequiredView.as_view()),
+
+ # AnonymousUserOnlyView tests
+ url(r'^unauthanticated_view/$', views.AnonymousUserOnlyView.as_view()),
+ url(r'^authanticated_view/$', views.AuthenticatedView.as_view()),
@kennethlove
kennethlove Jan 5, 2014 Member

authEnticated

@kennethlove kennethlove commented on an outdated diff Jan 5, 2014
tests/test_access_mixins.py
+ def test_anonymous(self):
+ resp = self.client.get(self.view_url)
+ # As an non-authenticated user, it should be possible to access
+ # the URL.
+ assert resp.status_code == 200
+ assert force_text(resp.content) == 'OK'
+
+ def test_authenticated(self):
+ user = UserFactory()
+ self.client.login(username=user.username, password='asdf1234')
+ resp = self.client.get(self.view_url)
+ # Check that the authenticated user has been successfully directed
+ # to the approparite view.
+ assert resp.status_code == 302
+ resp = self.client.get(self.view_url, follow = True)
+ self.assertRedirects(resp, "/authanticated_view/")
@kennethlove
kennethlove Jan 5, 2014 Member

authEnticated

@kennethlove
Member

Address the spelling issues and needed extra test cases and this'll go into 1.4.

Thanks!

@epicbagel
Contributor

Thanks everyone for the feedback.

@yetty, @kennethlove the mixin is now using LOGIN_REDIRECT_URL from settings.py. This makes sense to me as it's the default place you redirect authenticated users to. Can always be overwritten if required, or course.

@ergusto - I've also renamed to AnonymousRequiredMixin.

Also fixed the typos, added a test case for reverse_lazy. Look forward to seeing it in 1.4 :)

@chrisjones-brack3t chrisjones-brack3t self-assigned this Mar 1, 2014
@kennethlove kennethlove modified the milestone: 1.4 Mar 1, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment