How to disable Back Button in Django after login:-
Many developers do a common mistake in the Django application that he provide a logout option but not write the code to disable the back button then anyone again enters into the system.
This limitation can be solved by the Django session object and clear cache reference of internal pages.
In this example, I am explaining the complete code of the Login, Logout, and Disable Back button for Index and Course Method.
Django provides the following decorator to clear the cache
@cache_control(no_cache=True, must_revalidate=True, no_store=True)
Code of Model Class:-
from django.db import models
class Student(models.Model):
rno= models.IntegerField()
sname=models.CharField(max_length=50)
branch=models.CharField(max_length=20)
fees = models.FloatField()
def __str__(self):
return "rno is "+str(self.rno)+ " sname is "+self.sname + " branch is "+self.branch+ "fees is "+str(self.fees)
class Course(models.Model):
courseid=models.IntegerField()
coursename= models.CharField(max_length=50)
coursefees=models.CharField(max_length=20)
def __str__(self):
return "courseid "+str(self.courseid) + " coursename is "+str(self.coursename) + " fees is " + str(self.coursefees)
class Reg(models.Model):
uname= models.CharField(max_length=20)
pwd=models.CharField(max_length=10)
email=models.CharField(max_length=20)
mobile = models.CharField(max_length=12)
def __str__(self):
return "rno is "+str(self.uname)+ " password is "+self.pwd + " emailid is "+self.email+ "mobile no is "+str(self.mobile)
Code of Views.py
from django.shortcuts import render,redirect
from django.http import HttpResponse
from .models import Student,Course,Reg
from django.views.decorators.cache import cache_control
@cache_control(no_cache=True, must_revalidate=True, no_store=True)
def login(request):
if request.method=="POST":
r = Reg.objects.filter(uname=request.POST["txtuser"],pwd=request.POST["txtpass"])
if r.count()>0:
request.session["uid"]=request.POST["txtuser"]
return redirect('/dbapp/index')
else:
return HttpResponse("Invalid Userid and password")
return render(request,"dbapp/login.html")
def reg(request):
if request.method=="POST":
r = Reg(uname=request.POST["txtuser"],pwd=request.POST["txtpass"],email=request.POST["txtemail"],mobile=request.POST["txtmobile"])
r.save()
return redirect('login')
return render(request,"dbapp/reg.html")
@cache_control(no_cache=True, must_revalidate=True, no_store=True)
def index(request):
if request.session.has_key('uid'):
uid = request.session["uid"]
if request.method=="POST":
obj = Course(courseid=request.POST["txtrno"],coursename=request.POST["txtsname"],coursefees=request.POST["txtbranch"])
obj.save()
return render(request,"dbapp/index.html",{"res":"data inserted successfully"})
return render(request,"dbapp/index.html",{'key':uid})
else:
return redirect('login')
@cache_control(no_cache=True, must_revalidate=True, no_store=True)
def logout(request):
del request.session["uid"]
return redirect('login')
@cache_control(no_cache=True, must_revalidate=True, no_store=True)
def course(request):
if request.session.has_key('uid'):
res = Course.objects.all()
return render(request,"dbapp/course.html",{'data':res})
else:
return redirect('login')
def editrec(request):
if request.method=="POST":
e=request.POST["tcid"]
m=request.POST["tcname"]
f=request.POST["tfee"]
s = Course.objects.get(pk=request.POST["txtid"])
s.courseid=e
s.coursename=m
s.coursefees=f
s.save()
return redirect('course')
else:
res = Course.objects.get(pk=request.GET["q"])
return render(request,"dbapp/editrec.html",{'data':res})
def deleterec(request):
if request.method=="POST":
res = Course.objects.get(pk=request.POST["txtid"])
res.delete()
return redirect('course')
else:
res = Course.objects.get(pk=request.GET["q"])
return render(request,"dbapp/deleterec.html",{'data':res})
VIDEO
Post a Comment
POST Answer of Questions and ASK to Doubt