feat: add no-cache headers to login redirects

2023-10-26 13:27:26 +02:00 · 2023-10-26 13:27:26 +02:00 · b0eaa66e37
parent 8732785426
commit b0eaa66e37
1 changed files with 5 additions and 1 deletions
--- a/gas/views.py
+++ b/gas/views.py
@ -6,6 +6,7 @@ from django.core.exceptions import ImproperlyConfigured
 from django.db import router
 from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadRequest
 from django.urls import reverse
+from django.utils.cache import add_never_cache_headers
 from django.utils.html import escape, escapejs
 from django.utils.text import capfirst
 from django.utils.translation import gettext_lazy as _
@ -97,7 +98,10 @@ class GASMixin:

    def dispatch(self, *args, **kwargs):
        if self.check_user_forbidden():
-            return HttpResponseRedirect(reverse('gas:login') + '?next={}'.format(self.request.path))
+            path = self.request.path
+            response = HttpResponseRedirect(reverse('gas:login') + f'?next={path}')
+            add_never_cache_headers(response)
+            return response
        return super().dispatch(*args, **kwargs)

    def form_valid(self, form):