Redirect non super users to landing page/profile page if they try to access Django admin page

Question

I am building a Django based website and I am facing an issue when trying to redirect users to profile/landing page if they are not super users. Only super user who is logged in should have access to admin page.

Right now I am working on localhost.

Logged In scenario: Non super users are still able to access http://127.0.0.1/admin and http://127.0.0.1/admin/login

Not Logged In scenario: Not logged in users are still able to access http://127.0.0.1/admin/login

Logged in but Non super user view when trying to access http://127.0.0.1/admin:

Logged in but Non super user view when trying to access http://127.0.0.1/admin/login:

Not logged in users when trying to access http://127.0.0.1/admin:

Not logged in users when trying to access http://127.0.0.1/admin/login:

My urls.py looks like:

from imports *

admin.autodiscover()
admin.site.admin_view = admin_view
admin.site.login = login_required(admin.site.login)
admin.site.login = staff_member_required(admin.site.login, login_url=settings.LOGIN_URL)


urlpatterns = [
    path('', views.index, name ='index'),
    path('dummy', views.loggedin, name ='dummy'),
    url(r'^admin/login/', views.loggedin, name ='dummy'),
    url(r'^admin/', admin.site.urls),
] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

urlpatterns += staticfiles_urlpatterns()

What am I doing wrong here?

Answer 1

Looks like you have some extra routes in your urlpatterns - maybe these are the issue?

Here is my working urls.py that accomplishes what you are trying to do:

from django.contrib.admin.views.decorators import staff_member_required
from django.urls import path, include
from django.contrib import admin

admin.site.login = staff_member_required(admin.site.login, login_url='index')

urlpatterns = [
    
    path('admin/', admin.site.urls),
    ...

]