Django change request.path in middleware (to authenticate by token in url)?

If you don't want to mess up with upload handlers I have a better solution for you.

If you don't want to mess up with upload handlers, I have a better solution for you: Create a rule in your urls. Py to specifically catch visits with tokens Put it at the start of the urlpatterns to make sure that it will be evaluated first. Something like this will do: (r'/~', 'my_app_name.

My_redirect_view'), Create a view: def my_redirect_view(request): #Compiled regular expressions work much faster beloved_tokens = re. Compile(r'(.*)/~(.+? )/(.*)') result = beloved_tokens.

Search(request. Path) try: (uidb36, token) = result. Group(2).

Split('-', 2) path_end = result. Group(3) # We use "try" to be sure that no one had # messed with our beloved tokens: except AttributeError: raise Http404 else: user = authenticate(uidb36 = uidb36, token = token) if user: login(request, user) return HttpResponseRedirect('%s/%s' % (result. Group(1), result.

Group(3)) + ('? ' + '&'. Join('='.

Join(item) for item in request.GET.items()) if request. GET else '')) else: raise Http404.

Of course, you can add some additional processing in order to strip token from request.GET. But the whole concept remains the same: we don't need middleware to solve the issue. – Ivan Kharlamov Nov 6 at 21:02 Using url match is a good idea, I hadn't thought of that!(Also adding try except is a good idea).

But is there a way to go on to match the url stripped of token after this, because it'd also like a method that doesn't need redirect... – Mark Nov 6 at 21:24 @Mark, why don't you add a token at the end of the url? Is there a specific reason to put it in the middle? – Ivan Kharlamov Nov 6 at 21:26 You mean to match them with the normal views instead, and read the token either at the start of the view or with middleware?

R'^album/' instead of r'^album/$', I guess that'd work if I put things like r'^album2' before r'^album' (or it'd match the first one)... – Mark Nov 6 at 21:33 In any case, if you use middleware or normal views, having the token at the end of an url is much better. You should probably use token as a GET parameter like? Token=... and do as @Anurag suggested.

– Ivan Kharlamov Nov 6 at 22:00.

IMO changing request. Path is more bad(if it can be called bad) compared to accessing GET/POST parameters, so just pass token as GET parameter and login based on token and do not redirect or do request. Path modifications I see token as a added attribute to a valid url, hence a middleware acknowledges that and does something with that token, but url still is handled by the correct view, so middleware to me seems a very logical fit here.

I don't see any reason to use middleware at all. – Ivan Kharlamov Nov 6 at 21:21 Yes I can see how GET would be more appropriate for this than request. Path, but it apparently gives trouble with upload handlers (which I don't know yet if I will need later).

But I guess I can use GET at least for the redirect-way, in which case that problem doesn't exist! – Mark Nov 6 at 21:27 @Ivan Kharlamov, but middleware makes thing easier to handle and can avoid a redirect – Anurag Uniyal Nov 6 at 21:34 1 @Mark, if you are modifying upload handlers, you can do them before token middleware and everything will be fine, csrf middleware also accesses POST params – Anurag Uniyal Nov 6 at 21:35 @AnuragUniyal, you are probably right, it is better to use middleware. And it is DRY.

– Ivan Kharlamov Nov 6 at 21:53.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.