Django is.authenticated always returning true

Question

I am using Django authentication system and want to create logout button once the user has logged in to the website. But the user.is_authenticated is not working and logout button gets displayed even on the login page. Can someone please help me understand what am I missing? below is my code for views.py and template -

View :

def user_login(request):

    form=LoginForm()

    if request.method == "POST":
        username = request.POST.get('username')
        password = request.POST.get('password')

        user = authenticate(username=username, password=password)

        if user:
            print("came here")
            if user.is_active:
                login(request,user)
                return redirect('valid')
        else:
            return HttpResponse('username or password not correct')

    else:

        return render(request, 'restui/login.html',{'form':form})

Html :

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>REST API Framework</title>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css" integrity="sha384-GJzZqFGwb1QTTN6wy59ffF1BuGJpLSa9DkKMp0DgiMDm4iYMj70gZWKYbI706tWS" crossorigin="anonymous">
</head>
<body>
    <nav class="navbar navbar-dark bg-primary">

                <a href="#" class="navbar-brand" style="font-family: 'Lato', sans-serif;">REST API Testing Framework</a>

                {% if request.user.is_authenticated %}

                    <button class="btn btn-light" type="submit">Logout</button>

                {% endif %}
    </nav>
    <br>
    <br>
    <br>
    <nav class="navbar fixed-bottom">
        <div class="container">
             <div class="navbar-header">
                <a href="#" class="navbar-brand"></a>
            </div>

            <ul class="nav navbar-nav">
                <li>
                    <a href="#"><img src="infosys-logo.jpg" style="max-height:100px; max-width:90%; right:1px; "></a>
                </li>
            </ul>
        </div>
    </nav>
    {% block body_block %}
    <div class="container">

        <form method="post">
          <div class="form-group">

              {{ form.username.label }} {{ form.username }}

          </div>
          <div class="form-group">
              {{ form.password.label }} {{ form.password }}

          </div>
            <br>
            {% csrf_token %}
          <button type="submit" class="btn btn-primary">Submit</button>
            <small id="emailHelp" class="form-text text-muted">Login issues? Please contact solutions team to get access.</small>

        </form>

         </div>
    {% endblock %}

</body>
</html>

Answer 1

Well, your user is still authenticated even you are on login page. You can check if the user is authenticated and just redirect to another page so that a logged in user doesn't see the login page.

def user_login(request):

    form=LoginForm()
    if request.user.is_authenticated:
        print("Already logged in")
        return redirect('valid')

    if request.method == "POST":
        username = request.POST.get('username')
        password = request.POST.get('password')

        user = authenticate(username=username, password=password)

        if user:
            print("came here")
            if user.is_active:
                login(request,user)
                return redirect('valid')
        else:
            return HttpResponse('username or password not correct')

    else:

        return render(request, 'restui/login.html',{'form':form})

Answer 2

Try This {% if user.is_authenticated %}

This is my code

{% if user.is_authenticated %}
 <li><a href="{% url 'logout' %}"><i class="fa fa-sign-out pull-right"></i> Log Out</a></li>

 {% else %} <a href="{% url 'login' %}" class="fa fa-sign-out pull-right"> LogIn </a>

{% endif %}