I'd appreciate some code review, I used django-registration app and django.contrib.auth module. What I wanted to do is have both the login and registration form on the index page, and manage it from there. What I did is I just copied code from registration.views.py and contrib.auth.views.py and banged it together.
It works but I feel it's very hack-ish, non elegant, and that there is another, proper way to do it. For example I feel it might be better to call or extend view methods in registration and auth instead of copy pasting them.
def index(request, success_url=None,
form_class=RegistrationForm,
authentication_form=AuthenticationForm,
profile_callback=None,
template_name='index.html',
extra_context=None, **kwargs):
redirect_to = request.REQUEST.get('next', '')
if request.method == 'POST':
form = form_class(data=request.POST, files=request.FILES)
form_auth = authentication_form(data=request.POST)
if form.is_valid():
new_user = form.save(profile_callback=profile_callback)
# success_url needs to be dynamically generated here; setting a
# a default value using reverse() will cause circular-import
# problems with the default URLConf for this application, which
# imports this file.
return HttpResponseRedirect(success_url or reverse('registration_complete'))
if form_auth.is_valid():
netloc = urlparse.urlparse(redirect_to)[1]
# Use default setting if redirect_to is empty
if not redirect_to:
#redirect_to = settings.LOGIN_REDIRECT_URL
redirect_to = "/"
# Security check -- don't allow redirection to a different
# host.
elif netloc and netloc != request.get_host():
#redirect_to = settings.LOGIN_REDIRECT_URL
redirect_to = "/"
# Okay, security checks complete. Log the user in.
auth_login(request, form_auth.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
form = form_class()
form_auth = authentication_form()
if extra_context is None:
extra_context = {}
context = RequestContext(request)
for key, value in extra_context.items():
context[key] = callable(value) and value() or value
return render_to_response(template_name,
{ 'form': form, 'form_auth': form_auth},
context_instance=context)
And forms in the index.html:
{% if form.errors %}
<p class="errors">Please correct the errors below: {{ form.non_field_errors }}</p>
{% endif %}
<h3>Create an account</h3>
<form method="post" action="" class="wide">
{% csrf_token %}
<p>
<label for="id_username">Your Username:</label>
{% if form.username.errors %}
<p class="errors">{{ form.username.errors.as_text }}</p>
{% endif %}
{{ form.username }}
</p>
<p>
<label for="id_email">Email address:</label>
{% if form.email.errors %}
<p class="errors">{{ form.email.errors.as_text }}</p>
{% endif %}
{{ form.email }}
</p>
<p>
<label for="id_password1">Password:</label>
{% if form.password1.errors %}
<p class="errors">{{ form.password1.errors.as_text }}</p>
{% endif %}
{{ form.password1 }}
</p>
<p>
<label for="id_password2">Password (type again to catch typos):</label>
{% if form.password2.errors %}
<p class="errors">{{ form.password2.errors.as_text }}</p>
{% endif %}
{{ form.password2 }}
</p>
<p class="submit"><input type="submit" value="Register"></p>
</form>
{% if form_auth.errors %}
<p class="error">Please correct the errors below:</p>
{% endif %}
<h3>Log in</h3>
<form method="post" action="?next={{ next|default:"/" }}">
{% csrf_token %}
<dl>
<dt><label for="id_username">Username:</label>{% if form.username.errors %} <span class="error">{{ form.username.errors|join:", " }}</span>{% endif %}</dt>
<dd>{{ form_auth.username }}</dd>
<dt><label for="id_password">Password:</label>{% if form.password.errors %} <span class="error">{{ form.password.errors|join:", " }}</span>{% endif %}</dt>
<dd>{{ form_auth.password }}</dd>
<dt><input type="submit" value="Log in" /></dt>
</dl>
</form>
It's quite natural to place login or registration form at index page (or on every page), but why do you need to process the forms there? Process login on
/auth/login/
, process registration on/auth/registration/
and your code will be clean and extendable.