时间戳

首页 > 解决方案 > 豁免网址有问题

python - 豁免网址有问题

问题描述

嗨,我试图在我的项目中免除一个 url,以便用户可以绕过中间件并在不登录的情况下重置他们的密码。但是我放在 LOGIN_EXEMPT_URLS 中的 url 似乎没有解决这个问题,而是重置链接-密码将用户重定向到帐户/登录。

设置.py:

LOGIN_EXEMPT_URLS = {

r'^account/logout/$',
r'^account/register/$',
r'^account/reset-password$',
r'^account/reset-password/done/$',
r'^account/reset-password/confirm(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,23})/$',
r'^account/reset-password/complete/$',

}

中间件.py:

url_is_exempt = any(url.match(path)for url in EXEMPT_URLS)

    if path == reverse('accounts:logout').lstrip('/'):
        logout(request)

    if request.user.is_authenticated and url_is_exempt:
        return redirect(settings.LOGIN_REDIRECT_URL)

    elif request.user.is_authenticated or url_is_exempt:
        return None

    else:
        return redirect(settings.LOGIN_URL)

网址.py:

urlpatterns = [
url(r'^$', views.home),
url(r'^login/$', auth_views.LoginView.as_view(template_name='accounts/login.html'), name='login'),
url(r'^logout/$', auth_views.LogoutView.as_view(template_name='accounts/logout.html'), name='logout'),
url(r'^register/$', views.register, name='register'),
url(r'^profile/$', views.view_profile, name='view_profile'),
url(r'^profile/edit/$', views.edit_profile, name='edit_profile'),
url(r'^change-password/$', views.change_password, name='change_password'),

url(r'^reset-password/$',
    PasswordResetView.as_view(template_name='accounts/reset_password.html',
                              success_url=reverse_lazy('accounts:password_reset_done')), name='reset_password'),

url(r'^reset-password/done/$', PasswordResetDoneView.as_view(), name='password_reset_done'),
url(r'^reset-password/confirm(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,23})/$',
    PasswordResetConfirmView.as_view(), name='password_reset_confirm'),
url(r'^reset-password/complete/$', PasswordResetCompleteView.as_view(), name='password_reset_complete'),
]

主/urls.py:

urlpatterns = [
path('', views.login_redirect, name='login_redirect'),
path('admin/', admin.site.urls),
path('account/', include('accounts.urls', namespace='accounts')),


]

html: 这是在 {% else %} (user.is.authenticated)

<ul class="navbar-nav ml-auto">
        <li class='nav-item'>
            <a class="nav-link" href='{% url 'accounts:reset_password' %}'>Forgotten Password?</a>

html 中的所有内容都已正确格式化,但我认为有些代码有问题。对于那个很抱歉

仅供参考:注册豁免作品!

所以有什么问题?谢谢

标签: pythondjango

解决方案

您的豁免正则表达式r'^account/reset-password$'没有尾部斜杠。这与您的 URL 模式中的正则表达式不一致r'^reset-password/$',后者确实有一个斜杠。

推荐阅读