move redirect code to own function

2024-05-10 07:54:54 +00:00 · 2020-09-02 22:33:39 +02:00
parent bfcbd9da6c
commit f92569d468
1 changed files with 18 additions and 17 deletions
--- a/netbox/users/views.py
+++ b/netbox/users/views.py
@@ -36,17 +36,12 @@ class LoginView(View):
        return super().dispatch(*args, **kwargs)

    def get(self, request):
-        if request.user.is_authenticated:
-            # Already logged-in, determine where to redirect
-            redirect_to = request.GET.get('next', reverse('home'))
-            if redirect_to and not is_safe_url(url=redirect_to, allowed_hosts=request.get_host()):
-                logger.warning(f"Ignoring unsafe 'next' URL passed to login form: {redirect_to}")
-                redirect_to = reverse('home')
-
-            return HttpResponseRedirect(redirect_to)
-
        form = LoginForm(request)

+        if request.user.is_authenticated:
+            logger = logging.getLogger('netbox.auth.login')
+            return self.redirect_to_next(request, logger)
+
        return render(request, self.template_name, {
            'form': form,
        })
@@ -58,12 +53,6 @@ class LoginView(View):
        if form.is_valid():
            logger.debug("Login form validation was successful")

-            # Determine where to direct user after successful login
-            redirect_to = request.POST.get('next', reverse('home'))
-            if redirect_to and not is_safe_url(url=redirect_to, allowed_hosts=request.get_host()):
-                logger.warning(f"Ignoring unsafe 'next' URL passed to login form: {redirect_to}")
-                redirect_to = reverse('home')
-
            # If maintenance mode is enabled, assume the database is read-only, and disable updating the user's
            # last_login time upon authentication.
            if settings.MAINTENANCE_MODE:
@@ -75,8 +64,7 @@ class LoginView(View):
            logger.info(f"User {request.user} successfully authenticated")
            messages.info(request, "Logged in as {}.".format(request.user))

-            logger.debug(f"Redirecting user to {redirect_to}")
-            return HttpResponseRedirect(redirect_to)
+            return self.redirect_to_next(request, logger)

        else:
            logger.debug("Login form validation failed")
@@ -85,6 +73,19 @@ class LoginView(View):
            'form': form,
        })

+    def redirect_to_next(self, request, logger):
+        if request.method == "POST":
+            redirect_to = request.POST.get('next', reverse('home'))
+        else:
+            redirect_to = request.GET.get('next', reverse('home'))
+
+        if redirect_to and not is_safe_url(url=redirect_to, allowed_hosts=request.get_host()):
+            logger.warning(f"Ignoring unsafe 'next' URL passed to login form: {redirect_to}")
+            redirect_to = reverse('home')
+
+        logger.debug(f"Redirecting user to {redirect_to}")
+        return HttpResponseRedirect(redirect_to)
+

 class LogoutView(View):
    """