Django and Oscar
Mike Slinn

Experimenting With Django User Authentication

Published 2021-03-19.
Time to read: 1 minutes.

This page is part of the django collection.

I skimmed the documentation for Django how to require user authentication for specific views. It seemed simple enough, all that is supposedly necessary to restrict a view to being visible to logged-in users is to preface the view method that needs logged in users with @login_required, like this:

Python
from django.contrib.auth.decorators import login_required

@login_required
def index(request) -> str:
    return render(request, 'mypage.html')

When I did that to my version of Frobshop nothing changed. There was no login challenge and no error message. I did not know if it was possible to create a log detailed enough to help me figure out what was wrong.

Looking For @login_required

In the django-oscar repository, git grep @login_required returns nothing. However, git grep login_required (without the @ symbol) returns 46 instances, including imports and usages. Here are two of the lines returned from src/oscar/apps/customer/apps.py:

src/oscar/apps/customer/apps.py snippet
from django.contrib.auth.decorators import login_required
path('', login_required(self.summary_view.as_view()), name='summary'),

I went back to my version of Frobshop and modified it to match what I saw in the django-oscar source code; I specified login_required in urls.py, instead of using @login_required in views.py.

😁

It worked!

Maybe I’ll ask why it worked in the django-oscar Slack group some day. So much to do...



* indicates a required field.

Please select the following to receive Mike Slinn’s newsletter:

You can unsubscribe at any time by clicking the link in the footer of emails.

Mike Slinn uses Mailchimp as his marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp’s privacy practices.