CODEWITHSUNDEEP
djangohttp-redirectdjango-templatesdjango-urls
KieranDL3
KieranDL3

Reputation: 83

Make it so url can only be accessed through redirect

I am redirecting my users from a paypal payment to the register.html so that you can only register once you have paid the subscription.

How do I make it so that this redirect is the only way to access the page and not simply by putting mysite.com/register in the browser?

I have pages where login is required but obviously this will be before a user has registered so cannot do that.

Upvotes: 1

Views: 1039

Answers (2)

Ryszard Orlikowski
Ryszard Orlikowski

Reputation: 132

You can add payment id to your url, for example: mysite.com/register/<payment_id> and then check if the payment id is confirmed or not, if is completed you can display register form or redirect if payment is wrong

Upvotes: 3

Hemant
Hemant

Reputation: 1166

for the requirement posted in OP, you might be interested in using HTTP_REFERER available in HttpRequest.META to tell you from where the user is redirected from.

Here is a sample view on how you can implement it in django

def your_view(request):
    print(request.META.get('HTTP_REFERER'))
    if request.META.get('HTTP_REFERER') == 'whatever url of paypal you want to allow':
        some_context = {}
        return render(request, 'yourhtml.html', some_context)
    return redirect('/') # it can be redirected to anywhere if user is not intended audience

Thereby it will only show this view to the user coming from url set by you in the if condition

Note: I would not say it is secure but it will do the trick

To make it secure i would suggest you to setup a short lived temperory token such as jwt or something for user validation(if possible). I am not having much idea about paypal so wouldn't say much.

Upvotes: -1

Related Questions