时间戳

首页 > 解决方案 > 如何管理 django 内置的登录错误?

python - 如何管理 django 内置的登录错误?

问题描述

我对我的代码有疑问。如果帐户被禁用并且无效的凭据,我正在尝试重定向错误,但是如果它的无效不执行任何操作,我的代码正在执行,但是我想发送 json 数据,invalid credentials但是它不会从我的条件到任何地方

视图.py


class LoginView(View):
    def get(self, request):
        return render(request, 'login.html', { 'form':  AuthenticationForm })

    def post(self, request):
        form = AuthenticationForm(request, data=request.POST)
        if form.is_valid():
            user = authenticate(
                request,
                username=form.cleaned_data.get('username'),
                password=form.cleaned_data.get('password')
            )

            if user is not None:
                if user.is_active:
                    login(request, user)
                    return redirect('/') # home page
                else:
                    return HttpResponse("A") # account disabled
            else:
                return HttpResponse("invalid_creds")

网址.py


urlpatterns = [
  path('', auth_views.LoginView.as_view(template_name='login.html'), name='login'),
  path('profile/', views.ProfileView.as_view(), name='profile'),
  path('logout/', auth_views.LogoutView.as_view(), name='logout'),

]

设置

#LOGIN_REDIRECT_URL = '/account/profile'

LOGOUT_REDIRECT_URL = '/'

html

 <form method="post">
        {% csrf_token %}
        <h2 class="sr-only">Login Form</h2>
        <div class="illustration"><i class="icon ion-ios-locked-outline"></i></div>
        <div class="form-group"><input class="form-control" name="username" placeholder="Email" /></div>
        <div class="form-group"><input class="form-control" type="password" name="password" placeholder="Password" /></div>
        <div class="form-group"><button class="btn btn-primary btn-block" type="submit">Log In</button></div><a href="#" class="forgot">Forgot your email or password?</a></form>

标签: pythondjango

解决方案

尝试将“return HttpResponse("invalid_creds")”移高一级,使其以无效形式返回:

编辑:根据评论稍微改变了方法。

def LoginView(request):
    if request.method == "POST":
        form = AuthenticationForm(request, data=request.POST)
        if form.is_valid():
            user = authenticate(
                request,
                username=form.cleaned_data.get('username'),
                password=form.cleaned_data.get('password')
            )

            if user is not None:
                if user.is_active:
                    login(request, user)
                    return redirect('/') # home page
                else:
                    return HttpResponse("A") # account disabled
        else: # this else is one level higher
                return HttpResponse("invalid_creds")

    return render(request, 'login.html', { 'form':  AuthenticationForm })

推荐阅读