LOGIN FORM
Hi all,
I want to create a simple login form in django..Please
help I am a complete beginner
My Code:
{% csrf_token %}
username
password
login
Error Message (when I press login button) :
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure: CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request
Forgery, or when Django's CSRF mechanism has not been used correctly.
For POST forms, you need to ensure:
* The view function uses RequestContext for the template, instead
of Context.
* In the template, there is a {% csrf_token %} template tag inside
each POST form that targets an internal URL.
* If you are not using CsrfViewMiddleware, then you must use
csrf_protect on any views that use the csrf_token template tag, as
well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG =
True in your Django settings file. Change that to False, and only the
initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting."
Please help me out
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
Import Error
Hi all,
I created a simple login form
My code:
{% csrf_token %}
username
password
login
In views.py i added
def login(request):
return render_to_response('login.html')
In urls.py i added
(r'^login/', include('macrohms.views.login')),
The Error when i press login button:
ImportError at /login/
No module named login
Request Method: POST Request URL: http://localhost:8000/login/ Django
Version: 1.2.3 Exception Type: ImportError Exception Value:
No module named login
Exception Location:
/home/saad/www/lib/python2.6/site-packages/Django-1.2.3-py2.6.egg/django/utils/importlib.py
in import_module, line 35 Python Executable: /home/saad/www/bin/python Python
Version: 2.6.5 Python Path: ['/home/saad/www/webapps/macrohms',
'/home/saad/www/lib/python2.6/site-packages/setuptools-0.6c11-py2.6.egg',
'/home/saad/www/lib/python2.6/site-packages/pip-0.8.1-py2.6.egg',
'/home/saad/www/lib/python2.6/site-packages/Django-1.2.3-py2.6.egg',
'/home/saad/www/lib/python2.6/site-packages/Coffin-0.3.3-py2.6.egg',
'/home/saad/www/lib/python2.6/site-packages/Jinja2-2.5.2-py2.6.egg',
'/home/saad/www/lib/python2.6/site-packages/WTForms-0.6.1-py2.6.egg',
'/home/saad/www/lib/python2.6', '/home/saad/www/lib/python2.6/plat-linux2',
'/home/saad/www/lib/python2.6/lib-tk',
'/home/saad/www/lib/python2.6/lib-old',
'/home/saad/www/lib/python2.6/lib-dynload', '/usr/lib/python2.6',
'/usr/lib/python2.6/plat-linux2', '/usr/lib/python2.6/lib-tk',
'/home/saad/www/lib/python2.6/site-packages'] Server time: Tue, 28 Sep 2010
23:40:56 -0500
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
Re: Import Error
Thanks a lo :)
but there is a new error
The Error:
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request
Forgery, or when Django's CSRF
mechanism<http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf>has
not been used correctly. For POST forms, you need to ensure:
- The view function uses
RequestContext<http://docs.djangoproject.com/en/dev/ref/templates/api/#subclassing-context-requestcontext>for
the template, instead of
Context.
- In the template, there is a {% csrf_token %} template tag inside each
POST form that targets an internal URL.
- If you are not using CsrfViewMiddleware, then you must use
csrf_protecton any views that use the
csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in
your Django settings file. Change that to False, and only the initial error
message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
On Wed, Sep 29, 2010 at 10:39 AM, Yo-Yo Ma wrote:
> (r'^login/', include('macrohms.views.login')), is incorrect.
>
> the include() function, pertaining to urls.py is for including other
> URL confs (so you can have sub-sections of your site contain their own
> urls.py). You'll want to replace that line with:
>
> url(r'^login/$', 'macrohms.views.login')),
>
> Note, I changed two additional things - I changed your tuple to a
> url() function call instead, and I added a $ at the end of the URL
> pattern (denotes the end of a string in regex). The url() function is
> the "cool" way to define URLs.
>
> On Sep 28, 10:41 pm, Saad Sharif wrote:
> > Hi all,
> >
> > I created a simple login form
> >
> > My code:
> > > dojoType="dijit.form.Form" >{% csrf_token %}
> > username
> > password
> > login
> >
> >
> > In views.py i added
> >
> > def login(request):
> > return render_to_response('login.html')
> >
> > In urls.py i added
> >
> > (r'^login/', include('macrohms.views.login')),
> >
> > The Error when i press login button:
> > ImportError at /login/
> >
> > No module named login
> >
> > Request Method: POST Request URL:http://localhost:8000/login/ Django
> > Version: 1.2.3 Exception Type: ImportError Exception Value:
> >
> > No module named login
> >
> > Exception Location:
> >
> /home/saad/www/lib/python2.6/site-packages/Django-1.2.3-py2.6.egg/django/utils/importlib.py
> > in import_module, line 35 Python Executable: /home/saad/www/bin/python
> Python
> > Version: 2.6.5 Python Path: ['/home/saad/www/webapps/macrohms',
> > '/home/saad/www/lib/python2.6/site-packages/setuptools-0.6c11-py2.6.egg',
> > '/home/saad/www/lib/python2.6/site-packages/pip-0.8.1-py2.6.egg',
> > '/home/saad/www/lib/python2.6/site-packages/Django-1.2.3-py2.6.egg',
> > '/home/saad/www/lib/python2.6/site-packages/Coffin-0.3.3-py2.6.egg',
> > '/home/saad/www/lib/python2.6/site-packages/Jinja2-2.5.2-py2.6.egg',
> > '/home/saad/www/lib/python2.6/site-packages/WTForms-0.6.1-py2.6.egg',
> > '/home/saad/www/lib/python2.6',
> '/home/saad/www/lib/python2.6/plat-linux2',
> > '/home/saad/www/lib/python2.6/lib-tk',
> > '/home/saad/www/lib/python2.6/lib-old',
> > '/home/saad/www/lib/python2.6/lib-dynload', '/usr/lib/python2.6',
> > '/usr/lib/python2.6/plat-linux2', '/usr/lib/python2.6/lib-tk',
> > '/home/saad/www/lib/python2.6/site-packages'] Server time: Tue, 28 Sep
> 2010
> > 23:40:56 -0500
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
Re: Import Error
Thanks for your help :) Yup, I already did that, added {% csrf_token %} just
after tag..still the same error comes up :(
On Wed, Sep 29, 2010 at 11:44 AM, Yo-Yo Ma wrote:
> User logs into your site (SaadsDjangoSite.com). User goes to
> CriminalCSRFSite.com while logged into yours. They put a script tag in
> their page that has a post-back to ttp://
> saadsdjangosite.com/delete-everything-and-kill-kittens/.
> This causes the user's logged in browser to make a request to your
> site, and delete everything and kill kittens, all without the user
> knowing what happened.
>
> Follow those instructions. Make sure you put {% csrf_token %} right
> after your open tag.
>
>
>
> On Sep 28, 11:38 pm, Saad Sharif wrote:
> > Thanks a lo :)
> >
> > but there is a new error
> >
> > The Error:
> >
> > Forbidden (403)
> >
> > CSRF verification failed. Request aborted.
> > Help
> >
> > Reason given for failure:
> >
> > CSRF token missing or incorrect.
> >
> > In general, this can occur when there is a genuine Cross Site Request
> > Forgery, or when Django's CSRF
> > mechanism<
> http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf
> >has
> > not been used correctly. For POST forms, you need to ensure:
> >
> >- The view function uses
> > RequestContext<
> http://docs.djangoproject.com/en/dev/ref/templates/api/#subclassing-c..
> .>for
> > the template, instead of
> >Context.
> >- In the template, there is a {% csrf_token %} template tag inside
> each
> >POST form that targets an internal URL.
> >- If you are not using CsrfViewMiddleware, then you must use
> > csrf_protecton any views that use the
> >csrf_token template tag, as well as those that accept the POST data.
> >
> > You're seeing the help section of this page because you have DEBUG = True
> in
> > your Django settings file. Change that to False, and only the initial
> error
> > message will be displayed.
> >
> > You can customize this page using the CSRF_FAILURE_VIEW setting.
> >
> > On Wed, Sep 29, 2010 at 10:39 AM, Yo-Yo Ma
> wrote:
> > > (r'^login/', include('macrohms.views.login')), is incorrect.
> >
> > > the include() function, pertaining to urls.py is for including other
> > > URL confs (so you can have sub-sections of your site contain their own
> > > urls.py). You'll want to replace that line with:
> >
> > > url(r'^login/$', 'macrohms.views.login')),
> >
> > > Note, I changed two additional things - I changed your tuple to a
> > > url() function call instead, and I added a $ at the end of the URL
> > > pattern (denotes the end of a string in regex). The url() function is
> > > the "cool" way to define URLs.
> >
> > > On Sep 28, 10:41 pm, Saad Sharif wrote:
> > > > Hi all,
> >
> > > > I created a simple login form
> >
> > > > My code:
> > > > > > > dojoType="dijit.form.Form" >{% csrf_token %}
> > > > username
> > > > password
> > > > login
> > > >
> >
> > > > In views.py i added
> >
> > > > def login(request):
> > > > return render_to_response('login.html')
> >
> > > > In urls.py i added
> >
> > > > (r'^login/', include('macrohms.views.login')),
> >
> > > > The Error when i press login button:
> > > > ImportError at /login/
> >
> > > > No module named login
> >
> > > > Request Method: POST Request URL:
> http://localhost:8000/login/Django
> > > > Version: 1.2.3 Exception Type: ImportError Exception Value:
> >
> > > > No module named login
> >
> > > > Exception Location:
> >
> > >
> /home/saad/www/lib/python2.6/site-packages/Django-1.2.3-py2.6.egg/django/utils/importlib.py
> > > > in import_module, line 35 Python Executable:
> /home/saad/www/bin/python
> > > Python
> > > > Version: 2.6.5 Python Path: ['/home/saad/www/webapps/macrohms',
> > > >
> '/home/saad/www/lib/python2.6/site-packages/setuptools-0.6c11-py2.6.egg',
> > > > '/home/saad/www/lib/python2.6/site-packages/pip-0.8.1-py2.6.egg',
> > > > '/home/saad/www/lib/python2.6/site-packages/Django-1.2.3-py2.6.egg',
> > > > '/home/saad/www/lib/python2.6/
Re: Import Error
Thanks Russell :) Now, no error pops up but when i press the login button the same page reloads..by the way, Django is awesome :) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
