oliwarner
[Question] Any way to implement auth.login only after successful authentication via django-multifactor?
My website has a LoginView that after successful form submission, checking of username/password, etc., redirects to a home landing page localhost:8000/home. Logged-in users that access url localhost:8000/ will be redirected to localhost:8000/home. Whereas anon, non-logged in users that access localhost:8000/ will stay on the localhost:8000/ landing page. This is similar to a website like Twitter.
My problem is I've protected localhost:8000/home with @multifactor_protected. Any users that require authentication after login will be prompted with multifactor/authenticate/. However, if they fail authentication or decide to cancel, they will remain logged-in and be permanently stuck in a re-direct to multifactor/authenticate/ if they want to go to the regular website landing page localhost:8000/. Maybe I can use a property from request.user.dir()?
Essentially, I'm looking for users that fail authentication to have their login state remain as it was before authentication, and only change after successful authentication. Would I maybe use a request.session parameter? Maybe I'm missing something here as I explore this package. Thank you.
Edit: I've added a anchor/form element in brand.html that posts to LogoutView, thus breaking the stuck re-direct. A solution, but not ideal imo
