How to Redirect a User After Login to the URL in the Next Parameter in Django

In this article, we show how to redirect a user after login to the URL in the next parameter in Django.

So let's say that a user clicks on your website to create a post. Let's say you have a website in which users of the site can create posts. Only registered users can create posts. Let's say a visitor has come to the site and now clicks on the 'Create a Post' link. With Django, you can add a login_required decorator to this 'Create a Post' view, so that when a user clicks on this, it forces him/her to the login page, so that s/he can login in. After the person logs in, we then want the user directed to the 'Create a Post' page, which was the original intent of the user.

Django allows this to smoothly occur because it places a next parameter within the URL, which can be obtained with the request.GET.next variable.

A common way of making this work is to create a hidden field within the login form on the login page and use this hidden field to obtain the value of the next parameter in the URL with the request.GET.next variable and passing this to the views.py file, where we can then redirect to this page after the login.

Login.html Template File

So now let's go to the Login.html template, which is the template file for the login page.

This is shown in the following code below.

<h1>Login Page</h1> <form action="" method="POST"> {% csrf_token %} {% if error %} {{ error }} {% endif %} {{ form.as_p }} { <input type="hidden" name="next" value="{{ request.GET.next }}"/> <input type="submit" name="submit" value="Log in"/> </form>

So this is a very basic page.

It contains a header that says Login Page.

And then it has a form that uses the method of POST. It must contain {% csrf_token %} to prevent cross site request forgery. It also must have a way of showing errors, primarily if the username and password are not correct. We then import the login form from the views.py page, which was originally created in the forms.py file. This form just has 2 fields, username and password.

To this form, we add a hidden field. We make the field hidden because we don't want the user to see it. The field serves only to obtain the next parameter in the URL. Therefore, we set the type to "hidden". We set the name to "next". And we set the value of the hidden field to request.GET.next. This retrieves the value of the next parameter in the URL.

Now that we have this, we can move on to the views.py file.

views.py File

So let's now go to the login view in the views.py file. This is a function-based view called pagelogin.

In this views.py file, we do a number of things, most importantly we retrieve the next parameter in the URL. If there is a next parameter, this means that we should redirect the user to the page the user was originally trying to access after logging in. If there is no next parameter, then the user went to the login page directly and there is no page to redirect the user to based on a next parameter.

We create a variable (we call it nextvalue in our code below) and place the value of the hidden field (this hidden field has a value that contains the next parameter) in this variable.

If the variable, nextvalue, is None (contains data), we know there is a next parameter in the URL.

If the variable, nextvalue, is not None (contains no data), then we know there is no next parameter in the URL.

So we use this in order to determine what code to execute using if statements.

Our code is shown below.


#views.py File from django.shortcuts import render, redirect from .forms import Signupform, Loginform from django.contrib.auth.models import User from django.contrib.auth import authenticate, login from django.contrib import messages def pagelogin(request): uservalue='' passwordvalue='' valuenext= request.POST.get('next') form= Loginform(request.POST or None) if form.is_valid(): uservalue= form.cleaned_data.get("username") passwordvalue= form.cleaned_data.get("password") user= authenticate(username=uservalue, password=passwordvalue) if user is not None and valuenext=='': login(request, user) context= {'form': form, 'valuenext': valuenext} messages.success(request, "You have successfully logged in") return render(request, 'accounts/Login.html', context) if user is not None and valuenext !='': login(request, user) messages.success(request, "You have successfully logged in") context= {'form': form, 'valuenext': valuenext} return redirect(valuenext) else: context= {'form': form, 'error': 'The username and password combination is incorrect'} return render(request, 'accounts/Login.html', context) else: context= {'form': form} return render(request, 'accounts/Login.html', context)

So, remember, we created a hidden field within a form. This is not a Django field but an HTML field, so we can get this value even outside of the Loginform, which we create later in the code. We create a variable, nextvalue, and set this equal to, request.POST.get('next')

The variable, nextvalue, now contains the next parameter (the URL to direct the userto once the user logs in) if there is a next parameter. If there is no next parameter, nextvalue is an empty string.

So with the statement, if user is not None and valuenext =='':, this statement is true if the user exists and valuenext is an empty string. This means there is no next parameter and no page to redirect the user to based on a next parameter.

With the statement, if user is not None and valuenext !='':, this statement is true if the user exists and valuenext contains data. In this case, there is a URL to redirect the user to based on a next parameter. So, if this is case, we redirect the user to the next parameter URL with the statement, return redirect(valuenext)

And this is how to redirect a user after login to the next parameter URL in Django.

Related Resources

How to Randomly Select From or Shuffle a List in Python