Redirect back in Flask
I have a DB Table called Item. Item has a status attribute, that can be either of
new
todo
doing
done
On my website I have two views showing tables of Item.
- View 1 shows all Items (with a status column).
- View 2 only shows Items with the status
todo.
Depending on the Item status, there are certain actions a user can perform ("move to todo", "move to doing", "move to done").
If you consider View 1 and View 2, they both have in common that they contain items with the status todo. So on both I have a Button linking to a URL called
/Item/<id>/moveToDoing
where id - Item's status is set to "doing".
Now I want the user to be redirected back to where he clicked the button (View 1 or View 2).
My questions are:
- How to do this with Flask? I feel http://flask.pocoo.org/snippets/62/ is not quite what I need, because I have no POST request with a formular here. (should I?)
- Am I doing this the right way or is there a convention on how to normally solve that?
Solution 1:
I'm using the helper function which is recommended here: http://flask.pocoo.org/docs/reqcontext/
def redirect_url(default='index'):
return request.args.get('next') or \
request.referrer or \
url_for(default)
Use it in in the view
def some_view():
# some action
return redirect(redirect_url())
Without any parameters it will redirect the user back to where he came from (request.referrer).
You can add the get parameter next to specify a url. This is useful for oauth for example.
instagram.authorize(callback=url_for(".oauth_authorized",
next=redirect_url(),
_external=True))
I also added a default view if there should be no referrer for some reason
redirect_url('.another_view')
The snippet you linked basically does the same but more secure by ensuring you cannot get redirected to a malicious attacker's page on another host.