Geek Answers Handbook

Problems with Django auth / login

I am new to Django and trying to create a simple login system for my web page using django.contrib.auth.views.login with Django 1.4. I have a basic template containing the following login form, which is then expanded with other template pages on my website:

 <form method="post" action="/accounts/login/"> {% csrf_token %} <p><label for="id_username">Username:</label> <input id="id_username" type="text" name="username" maxlength="30" /></p> <p><label for="id_password">Password:</label> <input type="password" name="password" id="id_password" /></p> <input type="submit" value="Log in" /> <input type="hidden" name="next" value="{{ request.get_full_path }}" /> </form>

However, when I try to log in, I get the following message:

"Forbidden (403) CSRF verification failed. Request aborted. Reason for rejection: Invalid CSRF token or invalid."

Relevant snippets from urls.py:

 url(r'^accounts/login/$', 'django.contrib.auth.views.login')

and settings.py:

 TEMPLATE_CONTEXT_PROCESSORS = ( 'django.core.context_processors.request', ) ..... INSTALLED_APPS = ( 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'django.contrib.messages', 'django.contrib.staticfiles', ) ..... MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', )

Any suggestions?

+1
python authentication django login
source share
2 answers

simple entry / exit system can be found here

Let me briefly explain how to use standard auth through the user model in Django:

app_name / views.py:

 from django.http import HttpResponse from django.contrib.auth import authenticate, login from django.contrib.auth.decorators import login_required from django.template import Context, loader, RequestContext from django.shortcuts import render_to_response from django.template import @login_required def stat_info(request): return render_to_response('stat_info.html', {'is_auth':request.user.is_authenticated()}, context_instance=RequestContext(request)) @login_required def mainmenu(request): return render_to_response('mainmenu.html',{}, context_instance=RequestContext(request))

urls.py:

 from django.conf.urls import patterns, include, url from django.contrib import admin admin.autodiscover() urlpatterns = patterns('', url(r'^admin/', include(admin.site.urls)), (r'^statinfo/$', 'appname.views.stat_info'), (r'^accounts/login/$', 'django.contrib.auth.views.login'), (r'^accounts/logout/$', 'django.contrib.auth.views.logout', {'next_page' : '/accounts/login'}), (r'^mainmenu/$', 'appname.views.mainmenu') )

settings.py:

 ... LOGIN_REDIRECT_URL='/mainmenu/' ...

Templates / registration / login.html:

 {% extends "base.html" %} {% block content %} {% if form.errors %} <p>Your username and password didn't match. Please try again.</p> {% endif %} <form method="post" action="{% url django.contrib.auth.views.login %}"> {% csrf_token %} <table> <tr> <td>{{ form.username.label_tag }}</td> <td>{{ form.username }}</td> </tr> <tr> <td>{{ form.password.label_tag }}</td> <td>{{ form.password }}</td> </tr> </table> <input type="submit" value="login" /> <input type="hidden" name="next" value="{{ next }}" /> </form> {% endblock %}

/Base.html templates:

 <!DOCTYPE html> <html lang="en"> <head> <link rel="stylesheet" href="style.css" /> <title>{% block title %}templates/base.html{% endblock %}</title> </head> <body> <div id="sidebar"> {% block sidebar %} <ul> <li><a href="/">Home</a></li> {% if user.is_authenticated %} <li><a href="/accounts/logout">Logout</a></li> {% else %} <li><a href="/accounts/login">Login</a></li> {% endif %} </ul> {% endblock %} </div> <div id="content"> {% block content %}{% endblock %} </div> </body> </html>

Templates /mainmenu.html:

 <!DOCTYPE html> {% extends "base.html" %} <html> <head> <title>{% block title %}templates/mainmenu.html{% endblock %}</title> </head> <body> <div id="content"> {% block content %} Mainmenu <a href="/statinfo/">stat info</a> {% endblock %} </div> </body> </html>

Templates / stat _info.html:

 <!DOCTYPE html> {% extends "base.html" %} <html> <head> <title>{% block title %}templates/mainmenu.html{% endblock %}</title> </head> <body> <div id="content"> {% block content %} Mainmenu <a href="/statinfo/">stat info</a> {% endblock %} </div> </body> </html>
+7
source share

models:

class UserProf (models.Model):

 """ Create ``RegistrationProfile for User`` """ user = models.OneToOneField(User) """ Other fields here """ address1 = models.CharField(max_length=100,blank=True) address2 = models.CharField(max_length=100,blank=True) city = models.CharField(max_length=40,blank=True) country = models.CharField(max_length=40,blank=True) age = models.IntegerField(blank=True)

Views:

from django.contrib.auth import authenticate, login

def user_authenticate (request):

 """ check username and password and displays its appr. user_profile page """ username = password = '' if request.POST: username = request.POST.get('username') password = request.POST.get('Password') user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request,user) return HttpResponseRedirect('/profile/') else: return HttpResponseRedirect('/qioness/connect/') else: return HttpResponseRedirect('/qioness/connect/')

URLs:

URL (g '^ profile / $', show_detail),

template:

  <form action="/qioness/" method="post"> <label> <strong class="email-label">Username</strong> <input type="text" id="Email" name="username"> <span class="login_error"></span> </label> <label> <strong class="passwd-label">Password</strong> <input type="password" id="Passwd" name="Password"> <span class="login_error"> </span> </label> <input name="Add" type="submit" value="Log" class="Submit_btn" /> <label class="remember"> <input type="checkbox" value="yes" id="PersistentCookie" name="PersistentCookie"> <strong class="remember-label"> Remember Me </strong> </label> </form> </div>

4 worked for me :)

0
source share

More articles:


All Articles