How can I make the form verify users name and password before login
in. So that if the user wants to login in with wrong data, the form
will tell the user to login in with the correct data. Any idea?
Can this code be put in the views.py?
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
So that it can verify users data before they loggin in?
On Jan 19, 6:03 pm, Mark Furbee <markfur...@gmail.com> wrote:
> No problem. You will likely use the form objects in your template, I just
> chose to create my own form in HTML.
>
> Since the 'views.Login' is a string, you don't need to import it. It just
> tells Django which view to pass the request to when that url pattern is
> found. The ^ means the beginning of the url after the slash
> (www.mysite.com/<starting
> here>). The $ means the string ends. I found this useful, because without
> it, multiple urls will match. For example: with `url(r'^login',
> 'views.Login')`, the following will all match and go to views.Login: 1)www.mysite.com/login, 2)www.mysite.com/login_page, 3)www.mysite.com/login?no_login=1. So I specify the $ to make it more exact,
> more out of habit than requirement. If you add the slash to the end like
> `url(r'^login/$', 'views.Login')`, it will require the slash, sowww.mysite.com/loginwill not match. If you want to have both urls work, I
> think this will work (although untested): `url(r'^login/?$',
> 'views.Login')`, where the /? means that there could be no / or one slash.
> With this, the following would not match: www,mysite.com/login///. If you
> wanted to allow multiple slashes, change the ? with *, like
> `url(r'^login/*', 'views.Login')`. Again, that's not tested, but it should
> work, I think.
>
> Happy Coding!
>
> Mark
>
>
>
>
>
>
>
> On Wed, Jan 18, 2012 at 6:09 PM, coded kid <duffleboi...@gmail.com> wrote:
> > Thanks bro. Don't you think I should import Login in urls.py? What
> > about / in before the $ in urls.py? Or I should just place it like
> > that?
>
> > Mark Furbee wrote:
> > > This is my login process.
>
> > > urls.py:
> > > url(r'^login$', 'views.Login'),
> > > url(r'^logout$', 'views.Logout'),
>
> > > views.py:
> > > def Login(request, next=None):
> > > """
> > > Used to log into the application.
> > > """
>
> > > # If the user is authenticated pass them through to the homepage.
> > > if request.user.is_authenticated():
> > > return HttpResponseRedirect('/')
>
> > > # If the user is not authenticated, but the method is POST, they have
> > > posted their username and password.
> > > if request.method == "POST":
>
> > > # Get Username and Password.
> > > username = request.POST['username']
> > > password = request.POST['password']
>
> > > # Authenticate.
> > > user = authenticate(username=username, password=password)
>
> > > # If the User is not None, they have a valid account and
> > password.
> > > if user is not None:
>
> > > # If the user isactive, we can log them in.
> > > if user.is_active:
> > > # Log them in, and redirect to the homepage.
> > > login(request, user)
> > > return HttpResponseRedirect('/')
>
> > > # If the user is not active, pass them back to the login
> > page,
> > > with a message that the account is inactive.
> > > else:
> > > return render_to_response('login.htm', {'error': 'Account
> > > Disabled - contact I.T. for assistance'},
> > > context_instance=RequestContext(request))
>
> > > # The user with those credentials did not exist, pass them back
> > to
> > > the login page, with a message that the account was invalid.
> > > else:
> > > return render_to_response('login.htm', {'error': 'Invalid
> > > Username/Password - contact I.T. for assistance'},
> > > context_instance=RequestContext(request))
>
> > > # They have not yet attempted a login, pass them to the login page,
> > > without any error messages..
> > > else:
>
> > > return render_to_response('login.htm', {'NoSessionTimeout':
> > 'True',
> > > 'next': next}, context_instance=RequestContext(request))
>
> > > def Logout(request):
> > > logout(request)
>
> > > # Render the logout.htm page, which will display they are logging out
> > > and redirect them to the login page.
> > > return render_to_response('login.htm', {'notice': 'You have been
> > logged
> > > out successfully.'}, context_instance=RequestContext(request))
>
> > > template login.htm:
>
> > > .
> > > .
> > > .
> > > <form enctype="application/x-www-form-urlencoded" action="/login"
> > > method="post" name="login">
> > > {% csrf_token %}
> > > <div width="100%" align="center">
> > > <br /><br /><br /><br /><br />
> > > <div class="login_heading">Login</div>
> > > <div class="login_box">
> > > <table class="login_table" cellpadding="0" cellspacing="0">
> > > <tr><td><br /><br /><br /></td>
> > > {% if error %}
> > > <tr>
> > > <td colspan="2" align="center" class="error">
> > > {% FatalImage %}
> > > {{ error }}
> > > </td>
> > > </tr>
> > > <tr><td><br /><br /></td>
> > > {% endif %}
> > > {% if warning %}
> > > <tr>
> > > <td colspan="2" align="center" class="warn">
> > > {% WarnImage %}
> > > {{ warning }}
> > > </td>
> > > </tr>
> > > <tr><td><br /><br /></td>
> > > {% endif %}
> > > {% if notice %}
> > > <tr>
> > > <td colspan="2" align="center" class="notice">
> > > {% NoticeImage %}
> > > {{ notice }}
> > > </td>
> > > </tr>
> > > <tr><td><br /><br /></td>
> > > {% endif %}
> > > <tr>
> > > <td align="right">Email address: </td>
> > > <td align="left">
> > > <input type="text" value="" name="username" id="username" size="32"
> > > maxlength="64" />
> > > </td>
> > > </tr>
> > > <tr>
> > > <td align="right">Password: </td>
> > > <td align="left">
> > > <input type="password" value="" name="password" id="password" size="32"
> > > maxlength="255" />
> > > </td>
> > > </tr>
> > > <tr><td colspan="2"> </td></tr>
> > > <tr>
> > > <td> </td>
> > > <td align="left">
> > > <input type="submit" name="submit" value="Login" />
> > > </td>
> > > </tr>
> > > </table>
> > > </div>
> > > </div>
> > > </form>
>
> > > On Wed, Jan 18, 2012 at 8:09 AM, Mark Furbee <markfur...@gmail.com>
> > wrote:
>
> > > > Is that template mainpage.html?
>
> > > > I'm not sure exactly what you mean is happening. When you open the
> > login
> > > > page it takes you back to the home page? Also, I would add in the
> > my_login
> > > > view that if they are already logged in to redirect them to another
> > page
> > > > besides the login page. As your view is now, when they go to the login
> > > > page, while they are already logged in, it will allow them to log in
> > again
> > > > as a different user. Perhaps that is intended, I just thought I'd
> > point it
> > > > out.
>
> > > > Mark
>
> > > > On Tue, Jan 17, 2012 at 10:57 PM, coded kid <duffleboi...@gmail.com
> > >wrote:
>
> > > >> Yeah, I've done that, but its not working! Any help?
>
> > > >> On Jan 17, 10:37 pm, Mark Furbee <markfur...@gmail.com> wrote:
> > > >> > It means, don't use the "decorator" @login_required above your login
> > > >> view.
> > > >> > Your login view cannot require a login, because you'd never get to
> > log
> > > >> in.
> > > >> > Chicken and egg.
>
> > > >> > On Tue, Jan 17, 2012 at 2:34 PM, coded kid <duffleboi...@gmail.com>
> > > >> wrote:
>
> > > >> > > Thorsten Sanders wrote:
> > > >> > > > With using
>
> > > >> > > > @login_required decorator the user needs to be logged in to
> > allow
> > > >> > > execution, don't makes much sense for a login :P
>
> > > >> > > > Am 17.01.2012 22:23, schrieb coded kid:
> > > >> > > > > Hi guys, I m having problem with my login form. The login form
> > > >> will
> > > >> > > > > redirect me to the next page even if I didn t input anything
> > in
> > > >> the
> > > >> > > > > username and password field. Also it can t get the username of
> > > >> the
> > > >> > > > > registered users to verify if the user data is wrong or right.
> > > >> How can
> > > >> > > > > I get rid of this problem?
> > > >> > > > > Below are my code:
> > > >> > > > > In views.py
> > > >> > > > > from django.db import models
> > > >> > > > > from mymeek.meekme.models import RegisterForm
> > > >> > > > > from django.shortcuts import render_to_response
> > > >> > > > > from django.http import HttpResponse
> > > >> > > > > from django.template import RequestContext
> > > >> > > > > from django.http import HttpResponseRedirect
> > > >> > > > > from django.contrib.auth import authenticate, login
> > > >> > > > > from django.contrib.auth.decorators import login_required
>
> > > >> > > > > @login_required
> > > >> > > > > def mylogin(request):
> > > >> > > > > if request.method=='POST':
> > > >> > > > > username= request.POST['username']
> > > >> > > > > password= request.POST['password']
> > > >> > > > > user=authenticate (username=username,
> > password=password)
> > > >> > > > > if user is not None:
> > > >> > > > > if user.is_active:
> > > >> > > > > login(request, user)
> > > >> > > > > return HttpResponseRedirect('/logpage/')
> > > >> > > > > else:
> > > >> > > > > return
> > direct_to_template(request,'q_error.html')
> > > >> > > > > else:
> > > >> > > > > return render_to_response('mainpage.html')
> > > >> > > > > In my template:
> > > >> > > > > <html>
> > > >> > > > > <form action='' method="post">
> > > >> > > > > <table>
> > > >> > > > > <tr>
> > > >> > > > > <td>{{form.username.label_tag}}</td>
> > > >> > > > > <td>{{form.username}}</td>
> > > >> > > > > </tr>
> > > >> > > > > <tr>
> > > >> > > > > <td>{{form.password.label_tag}}</td>
> > > >> > > > > <td>{{form.password}}</td>
> > > >> > > > > </tr>
> > > >> > > > > </table>
> > > >> > > > > <input type="submit" value="Login" />
> > > >> > > > > </form>
> > > >> > > > > </html>
> > > >> > > > > Please help me out! Thanks.
>
> > > >> > > --
> > > >> > > You received this message because you are subscribed to the Google
> > > >> Groups
> > > >> > > "Django users" group.
> > > >> > > To post to this group, send email to
> > django-users@googlegroups.com.
> > > >> > > To unsubscribe from this group, send email to
> > > >> > > django-users+unsubscribe@googlegroups.com.
> > > >> > > For more options, visit this group at
> > > >> > >http://groups.google.com/group/django-users?hl=en.
>
> > > >> --
> > > >> You received this message because you are subscribed to the Google
> > Groups
> > > >> "Django users" group.
> > > >> To post to this group, send email
>
> ...
>
> read more »
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
No comments:
Post a Comment