Best IT Recipes

Django 1.2 Session Losses

I asked a similar question before, but I did some more research, and this iteration should be a little different. It seems that several SO users had a problem with registering and logging users in the same view and were not answered.

The problem is that I register, authenticate and authorize the user in the same Django view. For most users who are good, but for other users, their subsequent request (they click on the link on my site) returns an Anonymous user. One way or another, the logged-in user loses his session and is redirected to a page on my sieve, does not require authentication.

When they are registered in clean login mode (as opposed to register + login), the session data remains in tact. It seems that the problem is registering and registering in one view.

See this post for the same issue: https://stackoverflow.com/questions/1693726/problem-with-combined-authentication-login-view .

It has been suggested that this is potentially a thread problem. I also saw that he suggested that he refers to a server for caching session data.

Any thoughts on what this really applies to? I cannot reproduce the error that really holds me back.

EDIT - I should note that I am using the default database supported database.

Here is my view in registration / login mode

def splash_register(request): if request.session.get('beta'): if request.method=='POST': userform=MyUserCreationForm(request.POST) if userform.is_valid(): #username of <30 char is required by Django User model. I'm storing username as a hash of user email user=userform.save(commit=False) user.username=hash(user.email) user.save() username=user.username password=str(userform.cleaned_data['password']) user=auth.authenticate(username=username, password=password) if user is not None: auth.login(request,user) request.session['first_visit']=True return HttpResponseRedirect("/") else: return HttpResponseRedirect('/splash/register/') else: userform=MyUserCreationForm(request.POST) return render_to_response("website/splash_register.html", {'userform':userform}, context_instance=RequestContext(request)) return render_to_response("website/splash_register.html", context_instance=RequestContext(request)) else: return HttpResponseRedirect('/splash/')
+5
django caching cookies apache session
Apr 25 2018-11-11T00:
source share
3 answers

You do not need to use authentication, in which case it is not needed. All you have to do is set up a user server record.

So something like this will work:

 def splash_register(request): if request.session.get('beta'): if request.method=='POST': userform=MyUserCreationForm(request.POST) if userform.is_valid(): #username of <30 char is required by Django User model. I'm storing username as a hash of user email user=userform.save(commit=False) user.username=hash(user.email) user.backend='django.contrib.auth.backends.ModelBackend' user.save() username=user.username password=str(userform.cleaned_data['password']) auth.login(request, user) request.session['first_visit']=True return HttpResponseRedirect("/") else: userform=MyUserCreationForm(request.POST) return render_to_response("website/splash_register.html", {'userform':userform}, context_instance=RequestContext(request)) return render_to_response("website/splash_register.html", context_instance=RequestContext(request)) else: return HttpResponseRedirect('/splash/')

Update

I mentioned this in a comment, but in terms of a β€œresponse” the solution is to add this to your settings file:

 SESSION_COOKIE_DOMAIN = 'yourdomain.com'

This will allow users to visit www.yourdomain.com or yourdomain.com to enter the website.

+18
Apr 29 '11 at 20:25
source share

Oh man, I’m both incredibly lightweight, and also full of dedication. I had no idea that Cookies could not be transferred between the names www and non-www.

A set of my users came to www, and then redirected to non-www, killing their session. Now I am setting up mod_rewrite to resolve the situation.

+3
Apr 30 2018-11-21T00:
source share

Just help someone else, I had this problem when in the current view request.user.is_authenticated () is set to True, but after the HttpResponseRedirect on another page, the same host, request.user became anonymous. I use sessions, but it turns out this is not a session. I made my own custom backend for authentication, and in documents at level 1.2 you should implement get_user (self, user_id), but I did not think that user_id (primary key) was something special, so I implemented it as get_user (self , username) .. but apparently this caused the problem!

+1
Jul 20 '11 at 18:13
source share


More articles:


All Articles