I am unable to login and redirect to home page using the custom login view (user_login) and AuthenticationForm. However, if i login using the admin page (http://127.0.0.1:8000/admin) and then reopen login page it automaticaly redirects to home page.
There is some issue related to authentication which is not getting done from my custom login page/view .I am unable to fix this or identify resolution based on answers provided online.
There is another issue regarding the URL it is showing as
http://127.0.0.1:8000/login/?csrfmiddlewaretoken=FhHQjhGGgFDwcikpH9kl3OwQMcZisjWS2zvMHFGBU6KxGNWbamgago7FhtSs8MeN&username=admin&password=admin
However, Password and Username should not be showing in the URL if form method is post.
URL
urlpatterns = [
path("", views.index, name="index"),
path("signup/", views.user_signup, name="signup"),
path("login/", views.user_login, name="login"),
path("home/", views.homepage, name="home"),]
Views
def user_login(request):
if request.user.is_authenticated:
return redirect("/home")
else:
if request.method == "POST":
form = AuthenticationForm(request, data=request.POST)
if form.is_valid():
username = form.cleaned_data.get("username")
password = form.cleaned_data.get("password")
user = authenticate(username=username, password=password)
if user is not None:
login(request, user)
return redirect("home")
else:
messages.error(request, "Invalid username or password.")
else:
messages.error(request, "Invalid username or password.")
form = AuthenticationForm()
return render(
request=request,
template_name="socialapp/login.html",
context={"login_form": form},
)
def homepage(request):
return render(request=request, template_name="socialapp/home.html")
Login HTML
<form action="{% url 'login' %}" id="login-form" method="post" class="bg-white shadow-md rounded px-8 pt-6 pb-8 mb-4">
{% csrf_token %}
{{ login_form|crispy }}
<button type="submit" class="text-white bg-blue-700 hover:bg-blue-800 focus:ring-4 focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 mr-2 mb-2 dark:bg-blue-600 dark:hover:bg-blue-700 focus:outline-none dark:focus:ring-blue-800" value="Submit">Login</button>
</form>
Home HTML
{% block main %}
<div class="flex flex-col min-h-screen justify-center items-center ">
<h1>Welcome to Home</h1>
</div>
{% endblock main %}
Settings
LOGIN_URL = "/login"
LOGIN_REDIRECT_URL = "/home"
You need to check login in else part
def SigninView(request):
if request.method == 'POST':
form = AuthenticationForm(request, data=request.POST)
username = request.POST.get("username")
password = request.POST.get("password")
user = authenticate(username=username,password=password)
if user is None:
messages.error(request,'Please Enter Correct Credinatial')
return redirect('/signin/')
else:
login(request,user)
messages.info(request,'Login Successful')
return redirect('/dashboard/')
else:
if request.user.is_authenticated:
return redirect('/dashboard/')
else:
form = AuthenticationForm()
return render(request,'signin.html',{'form':form})
Related
I want to make the email be set in the frontend of the django application.
I have go and create this class to make the authentification based on the email
class EmailBackend(ModelBackend):
def authenticate(self, request, username=None, password=None, **kwargs):
UserModel = get_user_model()
try:
user = UserModel.objects.get(email=username)
except UserModel.DoesNotExist:
return None
else:
if user.check_password(password):
return user
return None
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
Then I have go and define the path of this class in the settings.py
Everything is good without error and I logged in by typing the email. But in the frontend, the label is still "Username". How can I modify it?
Here it's the Html code form login page:
<form method="POST">
{% csrf_token %} <!--this protect our form against certeain attacks ,added security django rquires-->
<fieldset class="form-group">
{{ form|crispy}}
</fieldset>
<div class="form-group">
<button class="btn btn-outline-info" type="submit">Login</button>
<small class="test-muted ml-2">
<a class="ml-2" href="{% url 'password_reset' %}">Forgot Password?</a>
</small>
</div>
<!--- put div for a link if he is already have account--->
<div class="border-top pt-3">
<small class="test-muted">Need an account? <a class="ml-2" href="{% url 'register' %}">Sign Up</a></small>
<!--it a bootstrap -->
</div>
</form>
Edited:
This is the view code:
def login_view(request):
context = {}
user = request.user
destination = get_redirect_if_exists(request)
if request.method == "POST":
form = LoginForm(request.POST)
if form.is_valid():
email = form.cleaned_data["email"]
password = form.cleaned_data["password"]
user = authenticate(request, email=email, password=password)
if user == None:
attempt = request.session.get("attempt") or 0
request.session['attempt'] = attempt + 1
return render(request, 'pages/login.html')
else:
login(request, user)
destination = get_redirect_if_exists(request)
if destination:
return redirect(destination)
return redirect("home")
return render(request, 'pages/login.html')
and this is the login form code:
class LoginForm(UserCreationForm):
email = forms.CharField(label='email')
password = forms.CharField(label='password')
Probably you should change form
urlpatterns = [
path('login/', LoginView.as_view(authentication_form=YourForm), name='login'),
]
class YourForm(AuthenticationForm):
username = forms.CharField(widget=TextInput(attrs={'class':'validate','placeholder': 'Username or Email'}))
password = forms.CharField(widget=PasswordInput(attrs={'placeholder':'Password'})
Good day,
Using Django 1.11, I have created signin and signup forms.
My signin form is working correctly, but my signup form is using the GET method, not the POST method specified. Using the inspector on the signin form, it just shows . The method="POST" action="...." are missing and I cannot see why.
urls.py:
from django.conf.urls import url
from . import views
urlpatterns = [
url(r'^$', views.home, name='home'),
url(r'signin/$', views.sign_in, name='signin'),
url(r'signup/$', views.sign_up, name='signup'),
url(r'signout/$', views.sign_out, name='signout'),
]
views.py
def sign_in(request):
form = AuthenticationForm()
if request.method == 'POST':
form = AuthenticationForm(data=request.POST)
if form.is_valid():
if form.user_cache is not None:
user = form.user_cache
if user.is_active:
login(request, user)
return HttpResponseRedirect(
reverse('stb:home')
)
else:
messages.error(
request,
"That user account has been disabled."
)
else:
messages.error(
request,
"Username or password is incorrect."
)
return render(request, 'stb/signin.html', {'form': form})
def sign_up(request):
form = UserCreationForm()
if request.method == 'POST':
form = UserCreationForm(data=request.POST)
if form.is_valid():
# Unpack form values
username = form.cleaned_data['username']
password = form.cleaned_data['password1']
email = form.cleaned_data['email']
# Create the User record
user = User(username=username, email=email)
user.set_password(password)
user.save()
user = authenticate(
username=username,
password=password
)
login(request, user)
messages.success(
request,
"You're now a user! You've been signed in, too."
)
return HttpResponseRedirect(reverse('stb:profile'))
return render(request, 'stb/signup.html', {'form': form})
signup.html:
{% extends "layout.html" %}
{% block title %}{{ block.super }} | Sign Up{% endblock %}
{% block body %}
<div class="grid-30 centered">
<h2>Sign Up</h2><form>
<form method="POST" action="{% url 'stb:signup' %}">
{% csrf_token %}
<input name="username" id="id_username" required="" autofocus=""
placeholder="User Name" maxlength="150" type="text">
<input name="email" id="id_email" required=""
placeholder="Email Address" type="email">
<input name="password1" required="" id="id_password1"
placeholder="Password" type="password">
<input name="password2" required="" id="id_password2"
placeholder="Confirm Password" type="password">
<input type="submit" class="button-primary" value="Sign Up">
<a class="button" href="signin.html">Sign In</a>
<input type="hidden" name="next" value="{{ next }}" />
</form>
</div>
{% endblock %}
Try moving the form assignment in the first line to the else statement of the if ,
Like this,
def sign_up(request):
if request.method == 'POST':
form = UserCreationForm(request.POST)
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password1']
email = form.cleaned_data['email']
user = User(username=username, email=email)
user.set_password(password)
user.save()
user = authenticate( username=username, password=password )
login(request, user)
messages.success( request, "You're now a user! You've been signed in, too." )
return HttpResponseRedirect(reverse('stb:profile'))
else:
return render(request, 'stb/signup.html', {'errors': form.errors}
else:
form = UserCreationForm ()
return render(request, 'stb/signup.html', {'form': form})
I've been working on Django Authentication, but I have stumbled on a problem: login works on a page (the "post detail" page of the blog), but not on the homepage.
This is the part of the base.html that handles this header
{% if user.is_authenticated %}
<span class="glyphicon glyphicon-plus"></span>
<span class="glyphicon glyphicon-edit"></span>
<p class="top-menu">Hello, {{ user.first_name }}!<small> (Log out)</small></p>
{% else %}
<form>
{% csrf_token %}
{% if next %}
<input type="hidden" name="next" value="{{ next }}" />
{% endif %}
{{ login_form.as_p }}
</form>
{% endif %}
The view seems good to me, anyway here it is
def login(request):
if request.method == 'POST':
login_form = CustomLoginForm(request.POST)
email = request.POST.get('email')
password = request.POST.get('password1')
user = authenticate(email=email, password=password)
if user is not None:
if user.is_active:
auth_login(request, user)
return HttpResponseRedirect('/')
else:
return HttpResponse("Your Blog account is disabled.")
else:
print "Invalid login details: {0}, {1}".format(email, password)
return HttpResponse("Invalid login details supplied. Get back to the homepage.")
else:
login_form = CustomLoginForm()
return render(request, 'blog/post_list.html', {})
def post_list(request):
posts = Post.objects.filter(published_date__lte=timezone.now()).order_by('-published_date')
user = CustomUser.objects.all()
user_form = CustomUserCreationForm()
login_form = CustomLoginForm()
return render(request, 'blog/post_list.html', {'posts': posts, 'user_form': user_form, 'login_form': login_form, 'user': user})
I think the core of the problem could be on either the header of the base.html file or on the view.
This is what I see on the homepage (even when I'm logged in)
This is what I see on the post-detail page (and that's what I should see on the homepage too)
Any thoughts?
Your problem is here:
user = CustomUser.objects.all()
and then
return render(request, 'blog/post_list.html',
{'posts': posts, 'user_form': user_form,
'login_form': login_form, 'user': user})
You are passing a queryset result consisting of CustomUser objects as user in your request context. It overwrites the user variable assigned by the django.contrib.auth.context_processors.auth context processor.
To solve the problem, simply change the name of the template variable to something else, such as:
return render(...
'users': user})
I try to log a user but I have this error: MultiValueDictKeyError at / "'username'". I followed django documentation: https://docs.djangoproject.com/en/1.7/topics/auth/default/#django.contrib.auth.decorators.login_required
views:
def home(request):
return render_to_response('home.html', {}, context_instance=RequestContext(request))
def login_user(request):
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('start.html')
else:
return HttpResponseRedirect('profile.html')
else:
return HttpResponseRedirect('home.html')
url:
url(r'^$', 'core.views.login_user', name='login_user'),
html:
<form action="/login_user" method="POST" name="auth">
{% csrf_token %}
<label>Email</label>
<input type="text" name="username">
<label>Password</label>
<input type="password" name="password">
<button type="submit">Login</button>
</form>
This question might help you:
Use the MultiValueDict's get method. This is also present on standard dicts and is a way to fetch a value while providing a default if it does not exist.
username = request.POST.get("username", False)
password = request.POST.get("password", False)
I see many errors in your code.
You are pointing your form action to /login_user and in your URL you don't have any /login_user defined so when you enter to root / it will load the login_user function.
I recommend you to do this:
Change your view to something like this:
def login_user(request):
if request.user.is_authenticated():
return HttpResponseRedirect(reverse('home'))
if request.method == 'POST':
form = AuthenticationForm(data=request.POST)
if form.is_valid():
usuario = request.POST['username']
clave = request.POST['password']
acceso = auth.authenticate(username=usuario, password=clave)
if acceso is not None:
if acceso.is_active:
login(request, acceso)
return HttpResponseRedirect(reverse('home'))
else:
form = AuthenticationForm()
script = "alert('Usuario no activo');"
return render(request, 'login.html', locals())
else:
form = AuthenticationForm()
script = "alert('Usuario y/o contraseña invalida');"
return render(request, 'login.html', locals())
else:
form = AuthenticationForm()
return render(request, 'login.html', locals())
in your template (login.html)
<form action="{% url "login" %}" method="post" accept-charset="utf-8">
{{ form }}
{% csrf_token %}
<input class="btn btn-default" type="submit" value="Iniciar Sesión" />
</form>
in your urls.py:
url(r'^$', 'core.views.home', name='home'),
url(r'^login/$', 'core.views.login_user', name='login'),
With this a nice form will be shown ;)
I want to redirect a homepage after login in, but the request.user is always anonymous.Where the errors hide?
the code:
urls.py
urlpatterns = patterns('',
url(r'^login/$', login_view),
url(r'^main/$', main_view,name='main'),
)
i have a login form named forms.py
class LoginForm(forms.Form):
username = forms.CharField(required=True,
label='',
max_length=12,
error_messages={'required':'username'},
widget=forms.TextInput(
attrs={'placeholder':'username',
'class':'form-control'}))
password = forms.CharField(required=True,
label='',
max_length=12,
min_length=6,
error_messages={'required':'password'},
widget=forms.PasswordInput(
attrs={'placeholder':'password',
'class':'form-control'}))
def clean(self):
if not self.is_valid():
raise forms.ValidationError('username and password are required')
else:
cleaned_data = super().clean()
the view file:
def login_view(request):
if request.method == 'GET':
form = LoginForm(auto_id=False)
return render_to_response('game/login.html',
RequestContext(request, {'form': form,}))
else:
form = LoginForm(request.POST)
if form.is_valid():
username = request.POST.get('username', '')
password = request.POST.get('password', '')
user = auth.authenticate(username=username,
password=password)
if user is not None and user.is_active:
auth.login(request, user)
return render_to_response('game/main.html',
context_instance=RequestContext(request))
else:
return render_to_response('game/login.html',
RequestContext(request,
{'form': form,'password_is_wrong':True}))
else:
return render_to_response('weapon/login.html',
RequestContext(request, {'form': form,}))
#login_required(login_url='/game/login/')
def main_view(request):
user = request.user
return render_to_response('weapon/main.html',
{'user':user},
context_instance=RequestContext(request))
login.html include:
<form class="form-signin" role="form" action="{% url 'game:main' %}" method="post">
{% csrf_token %}
<h2 class="form-signin-heading">Login in</h2>
{{ form.as_p }}
<label class="checkbox">
<input type="checkbox" value="remember-me"> remember me
</label>
<button class="btn btn-lg btn-primary btn-block" type="submit">Login</button>
</form>
main.html include:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
{% if user.is_authenticated %}
{{ user.username }} Successful
{% else %}
failed
{% endif %}
</body>
</html>
Any suggestions would be much appreciated.
After login you are redirecting the user to game/main.html whereas in my opinion you should redirect user to main_view instead.
The code block in views.py should be:-
EDITED:
if user is not None and user.is_active:
auth.login(request, user)
return HttpResponseRedirect('/game/main')
The form in your login template is pointing to the main view action="{% url 'game:main' %}" not the login view, your form never gets handled.
You should point it to the same login view to handle the authentication, simply use action="." too keep it on the same URL as the login view or point it specifically using the same technique you're using already with main, i.e.
urlpatterns = patterns('',
url(r'^login/$', login_view, name='login'),
url(r'^main/$', main_view, name='main'),
)
And in your template:
action="{% url 'game:login' %}"