I'm currently using out-of-the-box django.contrib.auth to handle authentication in my Django app. This means that the user starts at a log in page and is redirected to the app on successful login. I would like to make my app single-page, including this login process, where a redirect doesn't happen, but maybe a "hot" template switch-out or some fancy client-side div magic (that still remains secure). My Google searching turned up pretty short, the closest solution dealing with putting a log in form on every page.
Any direction or ideas here would be much appreciated. I would obviously prefer to work within the existing confines of django.contrib.auth if possible, but I'm open to all solutions.
I'm not sure I understand your question completely. I think you want to have a single page. If so, put logic in your template that checks to see if the user is authenticated. If not, display a login form that POSTS to the appropriate django.contrib.auth view. You can supply an argument to this view to have it redirect back to your page. When you come back, the user will be authenticated, so you won't display the login form.
Have a look at Django-Easy-Pjax https://pypi.python.org/pypi/django-easy-pjax - it works like a charm and is well documented. Everything you like is being made with AJAX requests: links, forms using GET and forms using POST.
Essentially you only need to add a data-pjax="#id_of_the_container_where_the_result_goes" attribute in your a and form tags.
And the great thing about it: It updates the title and location bar of your browser.
One caveat: If you want to upload files in some form, this is not supported by Easy-Pjax, so you might want to use some workaround jQuery library for that.
Related
I am thinking along the lines of /mysite/blogs/new. I know about add_child and about Routablepage, also the 'permissions route' but I still don't see how to permit page creation via a URL.
I am surprised that there do not appear to be any instructions for doing this, as relying on the admin method surely isn't acceptable for many 'naive' users. Indeed, it took me a while to realise that Wagtail isn't like Wordpress, in the sense of having an 'Add Post' button or the like.
The documentation does not clearly state that users are (apparently) expected to create pages via the Admin section either. In fact, there seems to be an assumption that developers will be familiar with Django, even though a CMS ought to be easier to use IMO.
Just to be clear, I think that Wagtail is great but the instructions leave something to be desired. Perhaps I will attempt to update them myself!
If you have the Edit Bird/Userbar enabled, then it presents a button to add a child page at any point in the page tree so long as you have permission to add one there. If you wish to give naïve users this option then you could make their permissions fairly restrictive, so that they only see this option at certain locations, and they don't see any of the other 'settings' areas of the Admin.
The admin page for adding this does have its own URL: it typically looks like http://www.example.com/admin/pages/13/add_subpage/, where 13 is the ID of the current page. If instead you want to present that link yourself, you can manually add the link in the template as
Add a child page
but first you should ensure that the user has the relevant permission. This is best done in Python, rather than in the template. See https://github.com/wagtail/wagtail/blob/master/wagtail/wagtailadmin/userbar.py for how Wagtail does this.
To get closer to your original request, you could combine all the above with RoutablePageMixin, by creating a route 'add' which redirects to the same URL:
#route(r'^add$')
def add_child_page(self, request):
return redirect(reverse('wagtailadmin_pages:add_subpage', args=[self.pk]))
I am using django-allauth for one of my project. I would like to implement login/signup process via ajax. I would like to have customized signup form. I was going through their signupmixin and signup form. Sounds like I can write custom views for each action and map it to the url config. I am not sure what is the best way to do this.
Thank you so much for any help or advice on this.
It depends a bit on what you mean by ajax. If you just want to have a popup-style login/signup box on every page, then you can simply add the form to your base template and show it dynamically using Javascript in a popup box or so. If you keep the form action url to the original allauth urls then this will already give the feel of an ajax signin. You could also tweak things by using $.ajax or $.post to post to the original allauth views.
Something like the above is done on http://officecheese.com/ -- this is an allauth based site, though I am not affiliated with it.
If by ajax you mean that all authentication related views should be displayed via ajax, without causing a new document reload, then I am afraid you are a little bit out of luck. This simply is problematic for scenario's where e-mail verification, or OAuth handshakes are involed, as here you are typically navigating to a new URL from your mailbox, or redirecting to Twitter and so on.
Is there a good way to have both the login and register forms for django-registration on one page? I've had trouble finding a way to do it now that the backend system is enforced. Is there a view that can be overwritten that would allow you to add both forms to it? Anyone done this before or can point to an article about this?
Edit: Just to clarify I have the whole django-registration and login system set up and working properly, I'd just like to get both forms on the same page. I do not have access to their views.
Just hard-code your login-form in the registration-html-template. It should work like a charm.
You can always override the default login and registration views/templates. You can take a look at this link and see if this was what you were thinking to do. Then, you can read the Django documentation for further information about making custom login and registration views and templates as well.
My Django site is vulnerable to spam, so I would like to include captcha protection. The problem is that a lot of components are from third party sources, and don't include captcha verification. While i could modify their views, that would effect the code's portability/upgradability, so I would rather not. I can only modify their templates.
I have solution, but it is a bit messy, and before I start implementing, I want to see if anyone has a better one.
My solution is as follows:
1) Redirect all Post forms on the site to targert a "captcha bounce" app that will programatically reconstruct their post request, check if the captcha is correct, add a verification token to the post, then redirect back to the original post target.
2) Implement a new type of middleware that will check all post requests. If the post request is not targeting the "captcha bounce" url, the middleware will return an error unless the verification token is present.
As i said before, this seems needlessly messy. Does anyone have a better idea?
It depends on app message but:
you can usually wrap their views into your views and add extra processing
you can extend their forms to add your captcha fields
you can add template-tag that is extra javascript check and just add it to your templates.
Ok, I figured it out. This should be doable just by using middleware. Just give it a list of views that it should check for captcha correctness. In the case of a wrong response, it cuts the post out of the request and/or activates some sort of error variable. Much simpler.
I want to place a "login" field in every page. I looked some examples about authentication in django and all of them creates a new login page and uses django.contrib.auth.views.login .
However, I want to use some parts of this view. So how can i create a view that uses also django auth ?
p.s.: if it's not clear let me know, cause I'm kinda lost and don't know how to ask =)
At first try take a look here https://bitbucket.org/ubernostrum/django-registration/
It is ready done registration/login solution, you can create some template for login and after this include to your pages using include syntax http://docs.djangoproject.com/en/dev/ref/templates/builtins/?from=olddocs#include