I want to send a user to a page on my site that prompts him to upgrade to a more recent browser if they are using ie6 or lower.
How can this be achieved in Django?
You want to use Middleware. Specifically, you want to sniff the browser agent in the process_request of your middleware, and return a HttpResponseRedirect if the browser agent indicates IE6.
There's a snippet that should get you started here. Do post a comment if you need help with it!
Related
To profile a GET endpoint in Flask, I've been using the Line Profile Panel for Flask Debug Toolbar.
This doesn't work on AJAX/XHR endpoints though. I've also tried line_profiler but it doesn't play nice with Flask.
Martijn Pieters' comment is correct. You can use Flask-Debug-API together with the Line Profiler Panel (https://github.com/jlfwong/flask_debugtoolbar_lineprofilerpanel).
Once both are added to your code, then you can navigate through the API Browser to the endpoint you want to test, submit a request to it, then you will have access to the results of the line profiler.
So I have set up Django rest framework as a backend API for an e-commerce website. The website is displayed through a React frontend, which is not served by the django backend.
I am currently running both the Django backend and the React frontend from their local development servers (http://127.0.0.1:8000 and http://127.0.0.1:3000 respectively). In the future they will be on separate domains, probably.
When I set a session in a view, and read the content in another, this works if I just type in the urls for creating and reading directly into my browser (just for testing purposes). But when I access the backend through my frontend, sessions can not be accessed anymore, or don't seem stored. What will happen is that I get a KeyError when trying to access the data that I set in a previous view.
I guess this has to do with something I have read about some time ago, but I find it hard to find the correct information on how to work with this. Does this have to do with the cookie with the session id not being available to the frontend, but only to the backend itself?
Main question:
I would like to know how I can work with sessions, using the above settup, for keeping a shopping cart.
My backend code, just in case someone wonders:
from django.http import HttpResponse
def cart_add(request, product_id, update, quantity):
request.session['one'] = 'created through "cart_add" view'
return HttpResponse("Created a session - cart_add")
def create(request):
request.session['one'] = 'created through "read" view'
return HttpResponse("Created a session - create")
def read(request):
print(request.session['one'])
I have removed some unnecessary code.
The cart_add view is called from the React frontend, using an ajax call (axios).
The create and the read view I called by typing their urls directly into the browser.
(This is all done for testing purposes, just making sure sessions are working before I start to write the real code.)
I've found a solution in another stackoverflow question. This is the link to it.
By adding the following to my axios request, the code works successfully:
axios.get('some api url', {withCredentials: true});
So it seems my assumption about the cookie with the session id not being available to the frontend is incorrect.
I also found out that I could see the cookie by opening the web page in Chrome, then opening the developer tools > going to 'application' tab > click on cookies.
Here all the available cookies are listed, and also a sessionid cookie is shown.
I had the same issue, by adding withCredentials in axios call didn't solve my problem in django 2.2.3 and axios 0.19.0.
If the answer here doesn't work for you, then look into the below answer :)
React Django REST framework session is not persisting/working
I integrate django social-auth in my app.In settings i have given
AUTHENTICATION_BACKENDS,FACEBOOK_APP_ID,FACEBOOK_API_SECRET, social_auth.context_processors,SOCIAL_AUTH_PIPELINE etc.
when i click on facebook login it is redirecting to facebook app login when logged in it is redirected back to my app but redirecting to LOGIN_ERROR_URL and the user is not authenticated.
LOGIN_REDIRECT_URL = '/'
LOGOUT_URL= '/logout/'
LOGIN_ERROR_URL = '/login-error/'
SOCIAL_AUTH_LOGIN_REDIRECT_URL="/home/"
How can i solve this and get my app authenticated? Same is happening with google login also.Please help.
Thanks.
This question is very similar to a recent one I just answered: django social auth error after completing pipeline . Over there, I said:
A good place to start would be to look in social-auth's views.py, at the few places where the redirect to LOGIN_ERROR_URL happens (the variable url is set to LOGIN_ERROR_URL and then HttpResponseRedirect(url) is called). Add some print statements, or better, set breakpoints using the python debugger. If you run your app in the Django development server, the print statements will show up in the terminal in which you ran the server. Otherwise, they may show up in your server logs, depending on your configuration. You may also find django-debug-toolbar helpful.
Using print statements or the debugger, my workflow would be:
Figure out what line in views.py the redirect is triggered from
Figure out what condition causes that line to be reached
Inspect the variables leading to that condition
Sorry this is so general. Happy to help more if you can provide some more specific information.
Aaron
encountered same mysterious redirect to error url.
For me problem was with a typo in an argument of custom pipeline method.
Fixing the typo fixed the problem.
I'm trying to get Google Web Toolkit to work with Django through GETs and POSTs, following the examples here. When GWT sends a POST, however, Django sends back an HTTP 403.
My question is then, is Django set up to not receive POSTs? Is there some setting I need to change? Or is there something wrong with the way GWT is sending the POST?
The GET is working either, if anyone also knows something about that.
From django1.2, views are csrf protected.
If you want to csrf exempt any view use csrf_exempt decorator
Maybe it's a stupid question, but I'm trying to login to my django app using a form that is outside django. My guess is that I could send a POST request to /login, but that would fail because of the csrf token.
Maybe I'm missing some kind of theoretical background, but I would like to know what's the correct way to achieve this.
Background info:
The django authentication is working fine IF you use the django login forms. What I'd like to do is to use an external static html form (on an apache outside django), to post to django directly so when I redirect to my django server, I don't have to login.
CSRF exists to prevent exactly this. Although you no doubt have good intentions, there's no technical difference between this and a hacker trying to steal access to your site via a real CSRF attack.
Sounds like you need a single-signon service like CAS: http://code.google.com/p/django-cas/
(but it's possible overkill)