Django Next Parameter Redirect - Adding Additional Parameters

Question

I'm trying to add authentication to my webapp. A user begins the authentication process by going to:

/authorization/v1/new?client_id=X&response_type=Y&redirect_uri=Z

If request.user does not exist, I redirect using the following code:

try:
    user_identity = Identity.objects.get(user=request.user)
except:
    resource = '%s?next=/authorization/v1/new' % settings.LOGIN_URL
    return HttpResponseRedirect(resource)

This takes the user to /login/?next=/authorization/v1/new.

The user logs in successfully, and is redirected back to /authorization/v1/new.

However, now I'm missing the required GET parameters client_id, response_type, and redirect_uri, and this causes the authorization endpoint to throw an error for missing required parameters.

What is the best way to capture the initial GET params, pass them through to login, and attach them to the redirection back to the auth endpoint?

I thought about using sessions or modifying the redirect_uri to attach the other params, but I still need to figure out how to capture a single parameter through this process. I'd like to not have to modify the login code, if possible. Any ideas/suggestions greatly appreciated. Thanks!

Answer 1

If you were using Django's built-in @login_required decorator, I believe this would be taken care of for you as of r2954.

Given that you're not, you just need to replicate the same steps. Just set next to the value of the full path (as Django does in @login_required), like so:

from urllib import quote

...
    try:
        user_identity = Identity.objects.get(user=request.user)
    except Identity.DoesNotExist:   
        return HttpResponseRedirect('%snext=%s' % (settings.LOGIN_URL, quote(request.get_full_path()))

NB I've also changed your code to avoid your Pokémon exception handling ("Gotta catch 'em all!").