Upon logging in as a user, the system functions correctly, but I’m experiencing multiple redirections. Additionally, please review my approach to implementing multi-user authentication and provide feedback to help resolve this issue.
decorators.py
from django.http import HttpResponse
from django.shortcuts import redirect
def unauthenticated_user(view_func):
def wrapper_func(request, *args, **kwargs):
if request.user.is_authenticated:
return redirect('dashboard')
else:
return view_func(request, *args, **kwargs)
return wrapper_func
def allowed_users(allowed_roles=[]):
def decorator(view_func):
def wrapper_func(request, *args, **kwargs):
group = None
if request.user.groups.exists():
group = request.user.groups.all()[0].name
if group in allowed_roles:
return view_func(request, *args, **kwargs)
else:
return HttpResponse('You are not authorized to view this page')
return wrapper_func
return decorator
def admin_only(view_func):
def wrapper_function(request, *args, **kwargs):
group = None
if request.user.groups.exists():
group = request.user.groups.all()[0].name
if group in ['patient', 'doctor', 'staff']:
return redirect(f'{group}-dashboard') # Redirect based on the group name
if group == 'admin':
return view_func(request, *args, **kwargs)
return wrapper_function
views.py
from django.shortcuts import render, redirect
from django.contrib.auth.forms import UserCreationForm
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
from django.contrib.auth.models import Group
from .decorators import unauthenticated_user, allowed_users, admin_only
from .forms import CreateUserForm
@login_required(login_url='login')
@admin_only
def dashboard(request):
return render(request, 'users/dashboard.html')
@unauthenticated_user
def userLogin(request):
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(request, username=username, password=password)
if user is not None:
login(request, user)
return redirect('dashboard')
return render(request, 'users/login.html')
@unauthenticated_user
def userSignup(request):
form = CreateUserForm()
if request.method == 'POST':
form = CreateUserForm(request.POST)
if form.is_valid():
user = form.save()
group = Group.objects.get(name='patient')
user.groups.add(group)
return redirect('login')
context = {'form': form}
return render(request, 'users/signup.html', context)
def logoutUser(request):
logout(request)
return redirect('login')
def userPage(request):
return render(request, 'users/user.html')
@login_required(login_url='login')
@allowed_users(allowed_roles=['doctor'])
def doctorDashboard(request):
return render(request, 'users/doctor/doctor_dashboard.html')
@login_required(login_url='login')
@allowed_users(allowed_roles=['patient'])
def patientDashboard(request):
return render(request, 'users/patient/patient_dashboard.html')
@login_required(login_url='login')
@allowed_users(allowed_roles=['staff'])
def staffDashboard(request):
return render(request, 'users/staff/staff_dashboard.html')
def landingPage(request):
return render(request, 'users/landing_page.html')
[15/Feb/2024 17:53:18] "POST /login/ HTTP/1.1" 302 0
[15/Feb/2024 17:53:18] "GET /dashboard/ HTTP/1.1" 302 0
[15/Feb/2024 17:53:19] "GET /patient/ HTTP/1.1" 200 1618