Horai Nuri
Reputation: 5568
Django why can't I authenticate a user?
I'm trying to create a user authentification form using Django +1.8 but I encountered a problem, when I press the form submit button, nothing happens, the page is just reloading instead of loging in, why?
Here is the code:
views.py
from django.shortcuts import render
from django.contrib.auth import authenticate
from django.contrib.auth import login as auth_login
from django.contrib.auth import logout as auth_logout
# Create your views here.
def user(request):
context = {}
return render(request, 'user.html', context)
def login(request):
context = {}
if request.method == "POST":
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user is not None:
auth_login(request, user)
else:
context['error'] = 'Non active user'
else:
context['error'] = 'Mauvais nom d\'utilisateur ou mot de passe'
else:
context['error'] = ''
return render(request, 'user.html', context)
def logout(request):
context = {}
if request.method == "POST":
auth_logout(request)
else:
context['error'] = 'une erreur s\'est produite.'
return render(request, 'user.html', context)
urls.py
from django.conf.urls import url
from utilisateur import views
urlpatterns = [
url(r'^$', views.user, name="user"),
url(r'^login$', views.login, name='login'),
url(r'^logout$', views.logout, name='logout'),
]
user.html
{% block content %}
{% if user.authenticated %}
<p>{{ user.username }}</p>
<a href="logout?">Logout</a>
{% else %}
<form method="post" action="login">
{% csrf_token %}
<p>username:<input type="text" name="username"></p>
<p>password:<input type="password" name="password"></p>
<input value="Se connecter" type="submit">
</form>
{% endif %}
{% endblock %}
I also thought that the middlewares could be useful in order to solve this issue.
MIDDLEWARE_CLASSES = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
I think the problem comes from context_instance=RequestContext(request), how can I solve this ?
Upvotes: 0
Views: 603
Answers (2)
Anoop
Reputation: 2798
Actually authentication is working properly. All you need to make some corrections like, user.authemticated to user.is_authenticated and change the logout function and url on template
user.html:
{% block content %}
{% if user.is_authenticated %}
<p>{{ user.username }}</p>
<a href="/logout">Logout</a>
{% else %}
<form method="post" action="login">
{% csrf_token %}
<p>username:<input type="text" name="username"></p>
<p>password:<input type="password" name="password"></p>
<input value="Se connecter" type="submit">
</form>
{% endif %}
{% endblock %}
views.py
from django.shortcuts import render
from django.contrib.auth import authenticate
from django.contrib.auth import login as auth_login
from django.contrib.auth import logout as auth_logout
# Create your views here.
def user(request):
context = {}
return render(request, 'user.html', context)
def login(request):
context = {}
if request.method == "POST":
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
auth_login(request, user)
else:
context['error'] = 'Non active user'
else:
context['error'] = 'Mauvais nom d\'utilisateur ou mot de passe'
else:
context['error'] = ''
return render(request, 'user.html', context)
def logout(request):
context = {}
auth_logout(request)
return render(request, 'user.html', context)
Upvotes: 1
phourxx
Reputation: 621
The problem is that you just forgot to add a line to redirect the user to another page if the user is valid after authentication. You should replace these lines
`if user is not None:
if user is not None:
auth_login(request, user)
else:
context['error'] = 'Non active user'
else:
context['error'] = 'Mauvais nom d\'utilisateur ou mot de passe'`
with these
if user is not None:
auth_login(request, user)
redirect('login')
else:
context['error'] = 'Mauvais nom d\'utilisateur ou mot de passe'
then you go ahead and if the user has been authenticated with your template with this
{% if user.is_authenticated %}
or
{% if not user.is_anonymous %}
feel free to let me know if the problem still persists
Upvotes: 1
Related Questions
- Why is reading lines from stdin much slower in C++ than Python?
- What is the difference between null=True and blank=True in Django?
- Why is it string.join(list) instead of list.join(string)?
- Why is "1000000000000000 in range(1000000000000001)" so fast in Python 3?
- "This field is required" keeps showing even all the input field is filled
- Why do Python classes inherit object?
- How do I do a not equal in Django queryset filtering?
- django1.11 Custom authentication backend problem --return a unknown URL begin with /user/xxx?
- MongoEngine -- how to custom User model / custom backend for authenticate()