How do I access the request params in order to authenticate an user

Question

I would like to write a simple login form for my App. It is just a simple form, which sends data via post request to the django server. For authentification, I have to access the post request data, as mentioned in the django documentation but this doesn't work properly.

This is my html form:

<form method="POST" action="/login/">{% csrf_token %}
<div class="form-group">
<label for="ID">User</label>
<input type="text" class="form-control" id="ID" aria-describedby="User" placeholder="Username">
</div>
<div class="form-group">
<label for="password">Passwort</label>
<input type="password" class="form-control" id="password" laceholder="Passwort">
</div>
<button type="submit" class="btn btn-primary">Einloggen</button>
</form>

This is my django code:

def get_access(request):
    if request.method == 'POST':
        username = request.POST['ID']
        password = request.POST['password']
        user = authenticate(request, username=username, password=password)
        if user is not None:
            login(request, user)

I get this Error:

Environment:


Request Method: POST
Request URL: http://127.0.0.1:8000/login/

Django Version: 2.1.7
Python Version: 3.7.3
Installed Applications:
['django.contrib.admin',
 'django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'App',
 'rest_framework',
 'rest_framework.authtoken']
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware']



Traceback:

File "C:\Users\felix\DEV\my_env\lib\site-packages\django\utils\datastructures.py" in __getitem__
  77.             list_ = super().__getitem__(key)

During handling of the above exception ('ID'), another exception occurred:

File "C:\Users\felix\DEV\my_env\lib\site-packages\django\core\handlers\exception.py" in inner
  34.             response = get_response(request)

File "C:\Users\felix\DEV\my_env\lib\site-packages\django\core\handlers\base.py" in _get_response
  126.                 response = self.process_exception_by_middleware(e, request)

File "C:\Users\felix\DEV\my_env\lib\site-packages\django\core\handlers\base.py" in _get_response
  124.                 response = wrapped_callback(request, *callback_args, **callback_kwargs)

File "C:\Users\felix\DEV\my_env\Animoo\App\views.py" in get_access
  163.         username = request.POST['ID']

File "C:\Users\felix\DEV\my_env\lib\site-packages\django\utils\datastructures.py" in __getitem__
  79.             raise MultiValueDictKeyError(key)

Exception Type: MultiValueDictKeyError at /login/
Exception Value: 'ID'

Can you help me?

Answer 1

A HTML form uses the name=... [html.com] attribute to create key-value pairs, not the id=.... So you should specify the name, as is specified in the documentation:

Specifies the name of an input element. The name and value of each input element are included in the HTTP request when the form is submitted.

thus you should add name attributes, like:

<form method="POST" action="/login/">{% csrf_token %}
<div class="form-group">
<label for="ID">User</label>
<input name="ID" type="text" class="form-control" id="ID" aria-describedby="User" placeholder="Username">
</div>
<div class="form-group">
<label for="password">Passwort</label>
<input name="password" type="password" class="form-control" id="password" laceholder="Passwort">
</div>
<button type="submit" class="btn btn-primary">Einloggen</button>
</form>

The id=... is used to identify objects in the DOM, and for example use JavaScript, etc. to dynamically change the HTML content. You thus can still keep the id="..." attribute, but it is not functional when you submit the form.