限制用户访问特定页面的方法是什么?

huangapple go评论62阅读模式
英文:

How can I restrict a user from accessing certain pages?

问题

以下是翻译好的部分:

有页面 "password_reset/" 和 "password_reset/done/"。在 "password_reset/" 页面填写表单后,会重定向到 "password_reset/done/" 页面。但如果有人尝试通过 URL 访问该页面,他将成功。如何修复它。

我尝试以以下方式解决,但某些地方没有成功。

class CustomPasswordResetDoneView(PasswordResetDoneView):

    def get(self, request, *args, **kwargs):
        referer = request.META.get('HTTP_REFERER')
        if referer != reverse('password_reset'):
            return HttpResponse(status=404)
        return render(request, 'registration/password_reset_done.html')

希望这有所帮助。如果您需要更多信息,请随时提出。

英文:

There are pages "password_reset/" and "password_reset/done/". After filling out the form on the "password_reset/" page, there is a redirect to the "password_reset/done/" page. But if someone tries to access the page through the url, he will succeed. How to fix it.<br>

path(&#39;password_reset/&#39;, views.PasswordResetView.as_view(), name=&#39;password_reset&#39;),
path(&#39;password_reset/done/&#39;, views.PasswordResetDoneView.as_view(), name=&#39;password_reset_done&#39;),

I tried to solve it this way, but something didn't work out.<br>

class CustomPasswordResetDoneView(PasswordResetDoneView):

    def get(self, request, *args, **kwargs):
        referer = request.META.get(&#39;HTTP_REFERER&#39;)
        if referer != reverse(&#39;password_reset&#39;):
            return HttpResponse(status=404)
        return render(request, &#39;registration/password_reset_done.html&#39;)

答案1

得分: 1

你可以通过使用 Mixins、装饰器或 is_user_authenticated 来实现这一点。

英文:

You can do this by using Mixins, Decorators or is_user_authenticated.

huangapple
  • 本文由 发表于 2023年4月11日 14:49:22
  • 转载请务必保留本文链接:https://go.coder-hub.com/75983103.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定