Update web/core/views.py
This commit is contained in:
+8
-5
@@ -54,16 +54,19 @@ EXPECTED_HEADERS = [
|
|||||||
]
|
]
|
||||||
|
|
||||||
def login_view(request):
|
def login_view(request):
|
||||||
# If Django session already exists, go straight in
|
# If Django session already exists, go to app
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
return redirect("search")
|
return redirect("search")
|
||||||
|
|
||||||
# Auto-start OIDC ONLY on a clean GET to /login/
|
# Only auto-start OIDC if this is a fresh browser visit
|
||||||
# If ?next= is present, Django is already in a redirect flow — don't loop
|
# and NOT a redirect coming from Django itself
|
||||||
if request.method == "GET" and "next" not in request.GET:
|
if (
|
||||||
|
request.method == "GET"
|
||||||
|
and "next" not in request.GET
|
||||||
|
):
|
||||||
return redirect("oidc_authentication_init")
|
return redirect("oidc_authentication_init")
|
||||||
|
|
||||||
# Fallback (rare): render the page so the user can click manually
|
# Fallback: show login page (rare, but prevents loops)
|
||||||
ctx = {}
|
ctx = {}
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
|
|||||||
Reference in New Issue
Block a user