0
0
Djangoframework~20 mins

login_required decorator in Django - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
Login Required Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
component_behavior
intermediate
2:00remaining
What happens when an anonymous user accesses a view with @login_required?
Consider a Django view decorated with @login_required. What is the behavior when an anonymous (not logged in) user tries to access this view?
Django
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse

@login_required
def secret_view(request):
    return HttpResponse('Secret content')
AThe user sees the 'Secret content' message without logging in.
BThe view raises a TypeError because the user is anonymous.
CThe user is redirected to the login page defined by LOGIN_URL setting.
DThe server returns a 403 Forbidden error.
Attempts:
2 left
💡 Hint
Think about what Django does to protect views from anonymous users.
📝 Syntax
intermediate
2:00remaining
Which code correctly applies @login_required to a class-based view?
You want to protect a Django class-based view using the @login_required decorator. Which option correctly applies it?
Django
from django.contrib.auth.decorators import login_required
from django.utils.decorators import method_decorator
from django.views import View
from django.http import HttpResponse

class MyView(View):
    def get(self, request):
        return HttpResponse('Hello')
A
@method_decorator(login_required, name='dispatch')
class MyView(View):
    def get(self, request):
        return HttpResponse('Hello')
B
@login_required
class MyView(View):
    def get(self, request):
        return HttpResponse('Hello')
C
class MyView(View):
    def get(self, request):
        @login_required
        return HttpResponse('Hello')
D
class MyView(View):
    @login_required
def get(self, request):
        return HttpResponse('Hello')
Attempts:
2 left
💡 Hint
Remember that @login_required is a function decorator, and class-based views need a special approach.
state_output
advanced
2:00remaining
What is the value of request.user after @login_required redirects?
In a Django view decorated with @login_required, if the user is not logged in and gets redirected to the login page, what is the value of request.user in the login view?
Django
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse

@login_required
def secret_view(request):
    return HttpResponse(f'User: {request.user}')
A<User: AnonymousUser>
B<User: None>
CRaises AttributeError because user is missing
D<User: admin>
Attempts:
2 left
💡 Hint
Think about what Django sets for unauthenticated users.
🔧 Debug
advanced
2:00remaining
Why does @login_required not redirect in this code?
This Django view uses @login_required but anonymous users can still access it. Why? 
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse

@login_required
def my_view():
    return HttpResponse('Hello')
AThe decorator is applied incorrectly; it should be @login_required() with parentheses.
BThe view function is missing the request parameter, so the decorator fails silently.
CLOGIN_URL is not set in settings.py, so redirect does not happen.
DThe HttpResponse is returned before the decorator runs.
Attempts:
2 left
💡 Hint
Check the function signature carefully.
🧠 Conceptual
expert
2:00remaining
How does @login_required handle the 'next' parameter in redirects?
When @login_required redirects an anonymous user to the login page, it appends a 'next' parameter to the URL. What is the purpose of this 'next' parameter?
AIt disables caching on the login page.
BIt is used to track how many times the user tried to access protected views.
CIt stores the user's session ID for security checks.
DIt tells the login view where to redirect the user after successful login.
Attempts:
2 left
💡 Hint
Think about user experience after login.