-
Notifications
You must be signed in to change notification settings - Fork 80
Verify.success_url never used with {% browserid_login %} #296
Comments
@alanbriolat I have been able to successfully override [1] https://github.com/mozilla/oneanddone/blob/master/oneanddone/users/views.py#L158 |
@bobsilverberg I found that hard to believe, having read the corresponding logic in Setting a breakpoint in your In fact, the reason you get the behaviour you expect is because the logic in your
Note the 302 redirect to |
Thanks for the report! I think you're right about I imagine this will constitute a patch release given that the code is documented to work this way and just isn't, making this a backwards-compatible bugfix. |
I'm not so sure about it being a backwards-compatible fix. The I'm work on a fix, yes. For consistency it seems the duplicate behaviour should also be removed from logout as well as login. |
Fixed by #297. I'll look into cutting a release on Monday and figure out if I should do a major version change or not. Thanks again! |
Aaaaaaaand it's out! https://github.com/mozilla/django-browserid/releases/tag/v2.0.0 |
The expectation set by the documentation is that you should be able to override
Verify.success_url
in your own view (used withBROWSERID_VERIFY_CLASS
) with some complex behaviour and control where a successful login redirects to. After finding the method was never called, I dug into thedjango_browserid
code and found the following:next
POST parameter always takes precedence inVerify.login_success()
.{% browserid_login %}
template tag always results in anext
, whether you supply one or not, defaulting toLOGIN_REDIRECT_URL
.Verify.success_url
is rendered inert, withLOGIN_REDIRECT_URL
being the only real point of control./
as a default value when gettingLOGIN_REDIRECT_URL
, even though Django already has a default of/accounts/profile/
and therefore such "defensiveness" is unnecessary.)As far as I can tell, the correct behaviour would be to not assume a default
next
parameter, instead leaving it up toVerify.success_url
to decide in the absence of one. Of course, I could be completely breaking some other workflow with that assumption, so I'd appreciate any input before committing time to a fix.The text was updated successfully, but these errors were encountered: