I implemented Django's LoginRequiredMiddleware and it seems to work fine basically. My only problem is, when I'm at the login page I get multiple reload requests per second.
In the settings I included the login url and the middleware
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"login_required.middleware.LoginRequiredMiddleware", #<- it's here
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"django_htmx.middleware.HtmxMiddleware",
"django_browser_reload.middleware.BrowserReloadMiddleware",
]
LOGIN_URL = "/login"
and this is my view function
@login_not_required
def login_page(
request,
) -> HttpResponseRedirect | HttpResponsePermanentRedirect | HttpResponse:
if request.method == "POST":
username: str = request.POST.get("username")
password: str = request.POST.get("password")
user: AbstractBaseUser | None = authenticate(
request, username=username, password=password
)
if user is not None:
login(request, user)
return redirect("landingPage", username=username)
else:
messages.info(request, "Username or password is incorrect!")
return render(request, "a[...]/login.html")
I can't find a reason why this happens and would prefer it not to happen to reduce traffic for my app.