I'm trying to password protect my registration page in Django without requiring the user to login, but I can't seem to figure it out. My flow should be:
- User accesses mydomain.com/register/
- User enters password into
registration_accessform - If unsuccessful, user re-enters password
- If successful, user is presented with
UserCreationForm - If
UserCreationFormis not filled out properly, user is presented withUserCreationFormagain + errors - If
UserCreationFormis filled out properly, user is redirected to their profile page
The issue I'm having right now is that I can't redirect a user to a view without a URL (the view containing UserCreationForm).
Here's my code:
views.py
def register(request):
if request.method == 'POST':
# Gather information from all forms submitted
user_custom_info = user_information(request.POST)
user_info = UserCreationForm(request.POST)
profile_info = deejay_form(request.POST)
# Check to make sure they entered data into each of the forms
info_validated = user_info.is_valid() and user_custom_info.is_valid() and profile_info.is_valid()
# If they did...
if info_validated:
# Clean the data...
user_custom_info = user_custom_info.cleaned_data
user_info = user_info.cleaned_data
profile_info = profile_info.cleaned_data
# Create a new user with those traits
new_user = User.objects.create_user(user_info['username'], user_custom_info['email'], user_info['password1'])
new_user.first_name = user_custom_info['first_name']
new_user.last_name = user_custom_info['last_name']
new_user.save()
# Create a new deejay with those traits..
new_deejay = Deejay(user=new_user, dj=profile_info['dj'], role=profile_info['role'], bio=profile_info['bio'], phone=profile_info['phone'])
new_deejay.save()
# Log in the user..
if not request.user.is_authenticated():
this_user = authenticate(username=user_info['username'], password=user_info['password1'])
login(request, this_user)
# Need to add to group - http://stackoverflow.com/questions/6288661/adding-a-user-to-a-group-in-django
# Redirect to dj page
return redirect('dj_detail', dj_name=Deejay.objects.get(user=request.user).dj)
else:
return render(request, 'pages/backend/register.html', {'forms':[user_custom_info, user_info, profile_info]})
return render(request, 'pages/backend/register.html', {'forms':[user_information, UserCreationForm, deejay_form]})
# View for a password protected registration form
def register_protect(request):
if request.method == 'POST':
pw_info = registration_access(request.POST)
if pw_info.is_valid():
return redirect(register)
else:
return render(request, 'pages/backend/register.html', {'forms':[pw_info]})
return render(request, 'pages/backend/register.html', {'forms':[registration_access]})
forms.py
class user_information(forms.ModelForm):
first_name = forms.CharField(label='First Name', required=True)
last_name = forms.CharField(label='Last Name', required=True)
email = forms.EmailField(label='Email', required=True)
class Meta:
model = User
fields = ('first_name', 'last_name', 'email')
class deejay_form(forms.ModelForm):
class Meta:
model = Deejay
fields = ('dj', 'role', 'bio', 'phone')
class registration_access(forms.Form):
secret_password = forms.CharField(label="Secret Password", widget=forms.PasswordInput())
def clean(self):
access_password = "mypassword"
given_password = self.cleaned_data.get('secret_password')
if given_password != access_password:
raise forms.ValidationError("Did you forget your training?")
return self.cleaned_data
