0
Ich erstelle ein benutzerdefiniertes Authentifizierungs-Back-End für zwei verschiedene Arten von Benutzern. Benutzer können sich mit ihrem Konto an- und abmelden. Manchmal verursacht es jedoch eine Endlosschleife. Was ist der mögliche Grund, einen solchen Fehler zu verursachen?Anmelden und Abmelden cause dead cycle
Die partielle Fehler in der Konsole:
"[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/ HTTP/1.1" 302 0
[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/%25253Fnext%25253D/dataInfo/login/ HTTP/1.1" 302 0
[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/%25253Fnext%25253D/dataInfo/login/%2525253Fnext%2525253D/dataInfo/login/ HTTP/1.1" 302 0
"
In meinen Ansichten
@login_required(login_url='/dataInfo/login/')
def login_view(request):
if request.method == 'POST':
username = request.POST['username']
password = request.POST['password']
user = authenticate(name=username,password=password)
if user is not None:
if user.is_active:
login(request,user)
#redirect to user profile
print "suffcessful login!"
# chech the user type
# if it is Customer,redirect to sale view
# if it is Staff,redirect to userprofile
if request.user.get_user_type() == "Customer":
return HttpResponseRedirect('/dataInfo/sale_view')
if request.user.get_user_type() == "Staff":
# set permission to user
request.user.asgin_perm("add_store")
request.user.asgin_perm("add_product")
request.user.asgin_perm("add_sale")
request.user.asgin_perm("change_store")
request.user.asgin_perm("change_product")
request.user.asgin_perm("change_sale")
request.user.asgin_perm("delete_store")
request.user.asgin_perm("delete_product")
request.user.asgin_perm("delete_sale")
return HttpResponseRedirect('/dataInfo/userprofile')
else:
# return a disable account
return HttpResponse("User acount or password is incorrect")
else:
print "Invalid login details: {0}, {1}".format(username, password)
return HttpResponseRedirect('/dataInfo/login')
else:
login_form = LoginForm()
return render_to_response('dataInfo/login.html', {'form': login_form}, context_instance=RequestContext(request))
@login_required(login_url='/dataInfo/login/')
def logout_view(request):
auth.logout(request)
return HttpResponseRedirect('/dataInfo/login')
In meinem Backend
from .models import Customer,Staff
from django.conf import settings
class CustomerAuthBackend(object):
def authenticate(self, name=None, password=None):
try:
user = Customer.objects.get(name=name)
if password == getattr(user,'password'):
user.is_active = True
# print "is_active: %s" %user.is_active
return user
else:
# Authentication fails if None is returned
return None
except Customer.DoesNotExist:
return None
def get_user(self, user_id):
try:
return Customer.objects.get(pk=user_id)
# TODO: may delete
except Customer.DoesNotExist:
return None
class StaffAuthBackend(object):
def authenticate(self, name=None, password=None):
try:
# TODO : check User is None
user = Staff.objects.get(name=name)
if password == getattr(user,'password'):
Staff.is_active = True
return user
else:
return None
except Staff.DoesNotExist:
return None
def get_user(self, user_id):
try:
return Staff.objects.get(pk=user_id)
# TODO: may delete
except Staff.DoesNotExist:
return None
Sie meinen, dass ich login_required Decorator in meiner Login-Ansicht löschen sollte. – pipi
@pipi - Yup .... – Sayse
Es funktioniert, danke Mann! – pipi