[英]Django login not working. Only works for superuser/admin
我之前在注册后端使用django-registration-redux,并且一切正常。 然后,我决定将注册后端更改为django的默认注册django.contrib.auth
,并且注册工作正常,但登录无效。 但是,事实是,只有我的超级用户acoount可以登录,其他所有用户都不能登录,无论是普通用户还是具有工作人员权限的用户。 它不断给我无效的用户名/密码错误。
以下是我的views.py的登录部分
def signin(request):
if request.user.is_authenticated:
return HttpResponseRedirect("/")
form = LoginForm()
errors = None
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data.get('username')
username = username.lower()
password = form.cleaned_data.get('password')
user = authenticate(username=username, password=password)
login(request, user)
if user.is_staff:
return redirect('sweet:vendor_index')
else:
return redirect('sweet:index')
else:
errors = "Invalid Username or Password"
return render(request, 'myregistration/signin.html', {'form':form, 'errors':errors})
以下是我的signin.html
{% extends "base.html" %}
{% block title %}sign in{% endblock %}
{% block content %}
<h1>Sign in</h1>
{% if form.errors %}
<p class="error">Please correct the errors below:</p>
{{ errors }}
{% endif %}
<form method="post" action="{% url 'myregistration:signin' %}">{% csrf_token %}
<dl>
<dt><label for="id_username">Username:</label>{% if form.username.errors %} <span class="error">{{ form.username.errors|join:", " }}</span>{% endif %}</dt>
<dd>{{ form.username }}</dd>
<dt><label for="id_password">Password:</label>{% if form.password.errors %} <span class="error">{{ form.password.errors|join:", " }}</span>{% endif %}</dt>
<dd>{{ form.password }}</dd>
<dt><input type="submit" value="sign in" /></dt>
</dl>
</form>
<p>Forgotten password? Click <a href="{% url 'auth_password_reset' %}">here</a> to reset password</p>
{% endblock %}
{% block content-related %}
<p>If you don't have an account, you can <a href="/accounts/register/">sign
up</a> for one.
{% endblock %}
最后,我的urls.py
from django.conf.urls import url
from myregistration import views
from django.contrib.auth import views as auth_views
app_name = 'myregistration'
urlpatterns = [
url(r'^register_vendor/', views.register_vendor, name='register_vendor'),
url(r'^register_customer/', views.register_customer, name='register_customer'),
url(r'^email_confirm/', views.email_confirm, name='email_confirm'),
url(r'^password_change/$', views.password_change, name='password_change'),
url(r'^password_reset/$', auth_views.password_reset, name='password_reset'),
url(r'^password_reset/done/$', auth_views.password_reset_done, name='password_reset_done'),
url(r'^signin/', views.signin, name='signin'),
url(r'^logout/', views.logout, name='logout'),
url(r'^activate/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$', views.activate, name='activate'),
]
以下是我的注册方法
def register_customer(request):
registered = False
if request.method == 'POST':
customerform = CustomerSignUpForm(data=request.POST)
if customerform.is_valid():
customer = customerform.save(commit=False)
# Remeber to hash password again
customer.set_password(customer.password)
customer.is_active = False
customer.is_staff = False
customer.save()
text_content = "Account Activation Email"
mail_subject = "Activate your Juggernut account"
template_name = "myregistration/account_activate.html"
from_email = customerform.cleaned_data.get('email')
recipients = [customer.email]
kwargs = {
"uidb64":urlsafe_base64_encode(force_bytes(customer.pk)).decode(),
"token":account_activation_token.make_token(customer)
}
activation_url = reverse("myregistration:activate", kwargs=kwargs)
activation_url = "{0}://{1}{2}".format(request.scheme, request.get_host(), activation_url)
context = {
'customer':customer,
'activation_url':activation_url
}
html_content = render_to_string(template_name, context)
email=EmailMultiAlternatives(mail_subject, text_content, from_email, recipients)
email.attach_alternative(html_content, 'text/html')
email.send()
return redirect("myregistration:email_confirm")
registered=True
else:
print(customerform.errors)
else:
customerform = CustomerSignUpForm()
return render(request, 'myregistration/register_customer.html', {'customerform':customerform, 'registered':registered})
如您所见,在您的视图中,您的视图具有一个form类form = LoginForm()
,但是在模板中,您没有呈现此表单,并且if form.is_valid():
,则您将无法对其进行验证以及该行的if form.is_valid():
将始终返回False。
您有两个选择,呈现表单类或进行更改:
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data.get('username')
username = username.lower()
password = form.cleaned_data.get('password')
user = authenticate(username=username, password=password)
login(request, user)
if user.is_staff:
return redirect('sweet:vendor_index')
else:
return redirect('sweet:index')
else:
errors = "Invalid Username or Password"
至:
username = request.POST.get('username')
username = username.lower()
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is not None:
login(request, user)
if user.is_staff:
return redirect('sweet:vendor_index')
else:
return redirect('sweet:index')
LoginForm类可能带有其他参数,因此无法验证
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.