Add some middleware

src/djangooidc/views.py

@@ -130,8 +130,7 @@ def login_callback(request):
             # Clear the flag if the exception is not caught
             request.session.pop("redirect_attempted", None)
 
-            success_redirect_url = "/" if user.finished_setup else f"/finish-user-setup/{user.id}"
+            return redirect(request.session.get("next", "/"))
-            return redirect(request.session.get("next", success_redirect_url))
         else:
             raise o_e.BannedUser()
     except o_e.StateMismatch as nsd_err:

src/registrar/config/settings.py

@@ -160,7 +160,7 @@ MIDDLEWARE = [
     # django-cors-headers: listen to cors responses
     "corsheaders.middleware.CorsMiddleware",
     # custom middleware to stop caching from CloudFront
-    "registrar.no_cache_middleware.NoCacheMiddleware",
+    "registrar.registrar_middleware.NoCacheMiddleware",
     # serve static assets in production
     "whitenoise.middleware.WhiteNoiseMiddleware",
     # provide security enhancements to the request/response cycle
@@ -186,6 +186,7 @@ MIDDLEWARE = [
     "auditlog.middleware.AuditlogMiddleware",
     # Used for waffle feature flags
     "waffle.middleware.WaffleMiddleware",
+    "registrar.registrar_middleware.CheckUserProfileMiddleware",
 ]
 
 # application object used by Django’s built-in servers (e.g. `runserver`)

src/registrar/no_cache_middleware.py

@@ -1,17 +0,0 @@
-"""Middleware to add Cache-control: no-cache to every response.
-
-Used to force Cloudfront caching to leave us alone while we develop
-better caching responses.
-"""
-
-
-class NoCacheMiddleware:
-    """Middleware to add a single header to every response."""
-
-    def __init__(self, get_response):
-        self.get_response = get_response
-
-    def __call__(self, request):
-        response = self.get_response(request)
-        response["Cache-Control"] = "no-cache"
-        return response

src/registrar/registrar_middleware.py

@@ -0,0 +1,46 @@
+"""
+Contains middleware used in settings.py
+"""
+
+from django.urls import reverse
+from django.http import HttpResponseRedirect
+
+class CheckUserProfileMiddleware:
+    """
+    Checks if the current user has finished_setup = False. 
+    If they do, redirect them to the setup page regardless of where they are in
+    the application.
+    """
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        """Code that gets executed on each request before the view is called"""
+        response = self.get_response(request)
+        return response
+
+    def process_view(self, request, view_func, view_args, view_kwargs):
+        # Check if the user is authenticated and if the setup is not finished
+        if request.user.is_authenticated and not request.user.finished_setup:
+            # Redirect to the setup page
+            return HttpResponseRedirect(reverse('finish-contact-profile-setup'))
+
+        # Continue processing the view
+        return None
+
+
+class NoCacheMiddleware:
+    """
+    Middleware to add Cache-control: no-cache to every response.
+
+    Used to force Cloudfront caching to leave us alone while we develop
+    better caching responses.
+    """
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        response = self.get_response(request)
+        response["Cache-Control"] = "no-cache"
+        return response