Commit 725243ab authored by Claude Paroz's avatar Claude Paroz

Improved redirection after login/logout

parent 3e65e990
......@@ -24,6 +24,7 @@ from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect, Http404
from django.shortcuts import render
from django.template.loader import get_template, TemplateDoesNotExist
from django.utils.http import is_safe_url
from django.utils.translation import ugettext as _
from people.models import Person, obfuscate_email
......@@ -55,12 +56,22 @@ def about(request):
def site_login(request):
""" Site-specific login page. Not named 'login' to not confuse with auth.login """
referer = None
def redirect(referer):
if is_safe_url(referer, host=request.get_host()):
return HttpResponseRedirect(referer)
return HttpResponseRedirect(reverse("home"))
referer = request.META.get('HTTP_REFERER', None)
openid_path = ''
if request.method == 'POST':
if request.POST.get('referer', None):
referer = request.POST['referer']
if 'logout' in request.POST and request.POST['logout']:
messages.success(request, _("You have been logged out."))
return redirect(referer)
elif 'username' in request.POST:
username = request.POST['username']
password = request.POST['password']
......@@ -74,17 +85,11 @@ def site_login(request):
'url': reverse('person_team_join'),
}, message)
if 'referer' in request.POST:
return HttpResponseRedirect(request.POST['referer'])
return HttpResponseRedirect(reverse("home"))
return redirect(referer)
messages.error(request, _("We're sorry, but your account has been disabled."))
messages.error(request, _("Login unsuccessful. Please verify your username and password."))
referer = request.POST['referer']
referer = request.META.get('HTTP_REFERER', None)
if 'django_openid_auth' in settings.INSTALLED_APPS:
openid_path = '/openid/login/'
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment