for owner/auth stuff.

dav_events/views.py

@@ -1,9 +1,10 @@
 import logging
 import os
 
+from django.contrib.auth import login
 from django.core.exceptions import SuspiciousOperation
 from django.http import HttpResponseRedirect
-from django.urls import reverse_lazy
+from django.urls import reverse, reverse_lazy
 from django.views import generic
 
 from . import forms
@@ -87,8 +88,18 @@ class EventCreateView(generic.FormView):
             return self.render_to_response(self.get_context_data(form=next_form, event=event))
         else:
             event.save()
+            owner = event.owner
             self.clean_session_data()
-            return HttpResponseRedirect(reverse_lazy('dav_events:home'))
+            if self.request.user.is_authenticated():
+                next_url = reverse('dav_events:event_list')
+            elif owner.has_usable_password():
+                next_url = reverse('dav_events:event_list')
+            else:
+                # owner has no usable password, so he must be new.
+                # let him set his password.
+                login(self.request, owner)
+                next_url = reverse('dav_events:home')
+            return HttpResponseRedirect(next_url)
 
     def clean_session_data(self, session=None):
         if session is None: