It's a good idea to use render() instead of render_to_response(), see https://docs.djangoproject.com/en/1.8/topics/http/shortcuts/#render. That will fix the issue with the CSRF token. render() takes the request as the first argument, and uses a RequestContext. This is needed to run the context processors, which add the csrf_token to the template.
On Wednesday, November 25, 2015 at 7:05:26 PM UTC+1, Dariusz Mysior wrote:
-- On Wednesday, November 25, 2015 at 7:05:26 PM UTC+1, Dariusz Mysior wrote:
Hmm I forget about it but I change names on form_l and form_r and effect is the same, I had also infoC:\Python34\lib\site-packages\django\template\defaulttags. py:66: UserWarning: A {% csrf_token %} was used in a template, but the context did not provide the value. This is usually cause
d by not using RequestContext.
"A {% csrf_token %} was used in a template, but the context "
W dniu wtorek, 24 listopada 2015 21:34:30 UTC+1 użytkownik Dariusz Mysior napisał:Hi I had a problem with display a form of login and register, please look on it....
my template access_ownsite.html
{% load staticfiles %}
<!DOCTYPE html>
<html lang="en">
<head>
<title>{% block title %}{% endblock %}</title>
<link rel="stylesheet" type="text/css" href="{% static 'ownsite/css/style.css' %}" />
</head>
<body>
{% block content %}
<div id="header">
{% if user.is_authenticated %}
<p>Jesteś zalogowany <a href='ownsite/my_view'>{{ user.username }}</a></p>
<p><a href='/accounts/logout_view'>wyloguj </a></p>
{% else %}
<h2>Login</h2>
<form action = '/accounts/login_view/' method = 'post'>{% csrf_token %}
{{form.as_p}}
<input type='submit' value='Log' />
</form>
{% endif %}
</div>
<div id="content">
<div id="left_content">
{% block logout_msg %}
<p> {{ info }} </p>
<p>Nikt nie jest zalogowany w tym momencie.</p>
{% endblock %}
</div>
<div id="right_content">
{% if user.is_authenticated == False %}
<h2>Register</h2>
<form action = '/accounts/register_user/' method = 'post'>{% csrf_token %}
{{form.as_p}}
<input type='submit' value='Register' />
</form>
{% endif %}
</div>
</div>
<div id="footer">
<p>copyright © Dariusz Mysior</p>
</div>
{% endblock %}
</body>
</html>
my view.py
from django.contrib.auth.forms import UserCreationForm, AuthenticationForm
from django.shortcuts import render_to_response, render
from django.http import HttpResponseRedirect
from django.core.context_processors import csrf
from django.contrib.auth import authenticate, login, logout
def login_view(request):
if request.method == 'POST':
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/accounts/my_view' )
else:
# Return a 'disabled account' error message
...
else:
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/e4504d21-0587-4ebf-8a76-a69aa1afaa81%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment