AjaxNotAuthenticatedMiddleWare¶

Qualified name: intranet.middleware.ajax.AjaxNotAuthenticatedMiddleWare

class intranet.middleware.ajax.AjaxNotAuthenticatedMiddleWare(get_response)[source]¶

Bases: object

Django doesn’t handle login redirects with AJAX very nicely, so we have to work around the default behavior a little.

If a user’s session has expired, but they still have a window open, they client may send AJAX requests to a view wrapped in @login_required or something similar. When this happens, Django 302 redirects to something like /login?next=/eighth/signup, which will show up to the client as a 200 OK GET request and proceed as if everything worked. To avoid this, we need to detect these types of requests and change their status code to 401 to let the client know that the request actually failed.

Methods

__init__(get_response)[source]¶