Not redirecting to next page after login in Rest Framework
I have been trying to redirect the user to the main page after successful login in API. Email id and password which comes from the Angular. If the user exist in the SQL I want to redirect to main page.
However, the email and password which is already existed in the SQL server where I have called the Stored Procedure in the Django rest framework.
All I just want to pass the user's input in the place of 'demouser@demo.com' and 'NewUser@1' into the Stored Procedure now I have hardcoded value of the email and password which I suppose to get it from the POST request. How could I able to pass the post request in the Stored Procedure.
views.py
@api_view(['GET', 'POST'])
def CheckUserStatusView(request):
if request.method == 'GET':
users = Tblusers.objects.all()
serializer = CheckUserStatusSerializers(users, many=True)
return Response(serializer.data)
elif request.method == 'POST':
cursor = connection.cursor()
cursor.execute('EXEC [dbo].[sp_CheckOneQUserStatus] @EmailId=%s, @Password=%s', ('demouser@demo.com', 'NewUser@1'))
result_set = cursor.fetchall()
for row in result_set:
row[2]
if request.data.get('EmailId') == row[2]:
serializer = CheckUserStatusSerializers(data=request.data)
if serializer.is_valid():
serializer.save()
return HttpResponseRedirect(redirect_to='https://127.0.0.1:4200/#/dashboard')
# return Response(status=status.HTTP_308_PERMANENT_REDIRECT)
return Response(status=status.HTTP_201_CREATED)
serializers.py
class CheckUserStatusSerializers(serializers.ModelSerializer):
class Meta:
model = Tblusers
fields ='__all__'
models.py
class Tblusers(models.Model):
UserID = models.AutoField(db_column='UserID', primary_key=True)
FullName = models.CharField(db_column='FullName', max_length=255)
Emailid= models.CharField(db_column='AccentureID', max_length=255)
Password = models.CharField(db_column='Password', max_length=200)
You can get it from request object like this
elif request.method == 'POST':
email = request.POST.get('email')
password = request.POST.get('password')
cursor = connection.cursor()
cursor.execute('EXEC [dbo].[sp_CheckOneQUserStatus] @EmailId=%s, @Password=%s', (email, password))
result_set = cursor.fetchall()
and i'll suggest try to use Django ORM it's safe and don't store raw passwords of users in table try to hash it and store it. It's good practice.