- We import and add the
@login_requireddecoration to the views that we want to authorize
# views.py
from django.contrib.auth.decorators import login_required
@login_requied
def delete_review(request, review_id):
#...
- We also have to add
LOGIN_URLinsettings.py. This redirects a user who is not logged in to the login page when they attempt to access an authorized page.
# settings.py
LOGIN_URL = 'login_account'