python - Redirect back in Flask

Question

I have a DB Table called Item. Item has a status attribute, that can be either of

new
todo
doing
done

On my website I have two views showing tables of Item.

• View 1 shows all Items (with a status column).
• View 2 only shows Items with the status todo.

Depending on the Item status, there are certain actions a user can perform ("move to todo", "move to doing", "move to done").

If you consider View 1 and View 2, they both have in common that they contain items with the status todo. So on both I have a Button linking to a URL called

/Item/<id>/moveToDoing

where id - Item's status is set to "doing".

Now I want the user to be redirected back to where he clicked the button (View 1 or View 2).

My questions are:

1. How to do this with Flask? I feel http://flask.pocoo.org/snippets/62/ is not quite what I need, because I have no POST request with a formular here. (should I?)
2. Am I doing this the right way or is there a convention on how to normally solve that?

Answer 1

I'm using the helper function which is recommended here: http://flask.pocoo.org/docs/reqcontext/

def redirect_url(default='index'):
    return request.args.get('next') or 
           request.referrer or 
           url_for(default)

Use it in in the view

def some_view():
    # some action
    return redirect(redirect_url())

Without any parameters it will redirect the user back to where he came from (request.referrer). You can add the get parameter next to specify a url. This is useful for oauth for example.

instagram.authorize(callback=url_for(".oauth_authorized",
                                                next=redirect_url(),
                                                _external=True))

I also added a default view if there should be no referrer for some reason

redirect_url('.another_view')

The snippet you linked basically does the same but more secure by ensuring you cannot get redirected to a malicious attacker's page on another host.