So I've got three users, a teacher, student, and admin. Both teacher and student users work fine but when I try to login using the admin form, it redirects to the student login form. I think it's because there's something wrong with the urls.py and the way the next parameter is configured but I'm not quite sure where to proceed.
Any help is much appreciated. Let me know if you need more information
Here are my admin views.py
#login_required
#admin_required
def profile(request):
if request.method == 'POST':
u_form = UserUpdateForm(request.POST, instance=request.user)
p_form = ProfileUpdateForm(request.POST,
request.FILES,
instance=request.user.profile)
if u_form.is_valid() and p_form.is_valid():
u_form.save()
p_form.save()
messages.success(request, f'Your account has been updated!')
return redirect('profile')
else:
u_form = UserUpdateForm(instance=request.user)
p_form = ProfileUpdateForm(instance=request.user.profile)
context = {
'u_form': u_form,
'p_form': p_form
}
return render(request, 'users/profile.html', context)
main urls.py
urlpatterns = [
path('', classroom.home, name='home'),
path('students/', include(([
path('', students.QuizListView.as_view(), name='quiz_list'),
path('interests/', students.StudentInterestsView.as_view(), name='student_interests'),
path('taken/', students.TakenQuizListView.as_view(), name='taken_quiz_list'),
path('quiz/<int:pk>/', students.take_quiz, name='take_quiz'),
], 'classroom'), namespace='students')),
path('teachers/', include(([
path('', teachers.QuizListView.as_view(), name='quiz_change_list'),
path('quiz/add/', teachers.QuizCreateView.as_view(), name='quiz_add'),
path('quiz/<int:pk>/', teachers.QuizUpdateView.as_view(), name='quiz_change'),
path('quiz/<int:pk>/delete/', teachers.QuizDeleteView.as_view(), name='quiz_delete'),
path('quiz/<int:pk>/results/', teachers.QuizResultsView.as_view(), name='quiz_results'),
path('quiz/<int:pk>/question/add/', teachers.question_add, name='question_add'),
path('quiz/<int:quiz_pk>/question/<int:question_pk>/', teachers.question_change, name='question_change'),
path('quiz/<int:quiz_pk>/question/<int:question_pk>/delete/', teachers.QuestionDeleteView.as_view(), name='question_delete'),
], 'classroom'), namespace='teachers')),
path('admins/', include(([
path('', admins.profile, name='profile'),
], 'classroom'), namespace='admins')),
]
login urls.py
urlpatterns = [
path('', include('classroom.urls')),
path('accounts/', include('django.contrib.auth.urls')),
path('accounts/signup/', classroom.SignUpView.as_view(), name='signup'),
path('accounts/signup/student/', students.StudentSignUpView.as_view(), name='student_signup'),
path('accounts/signup/teacher/', teachers.TeacherSignUpView.as_view(), name='teacher_signup'),
path('accounts/signup/admin/', admins.register, name='register'),
]
signup form template
{% extends 'base.html' %}
{% load crispy_forms_tags %}
{% block content %}
<div class="row">
<div class="col-md-8 col-sm-10 col-12">
<h2>Sign up as a {{ user_type }}</h2>
<form method="post" novalidate>
{% csrf_token %}
<input type="hidden" name="next" value="{{ next }}">
{{ form|crispy }}
<button type="submit" class="btn btn-success">Sign up</button>
</form>
</div>
</div>
{% endblock %}
admin form template
{% extends "base.html" %}
{% load crispy_forms_tags %}
{% block content %}
<div class="content-section">
<form method="POST">
{% csrf_token %}
<fieldset class="form-group">
<input type="hidden" name="next" value="{{ next }}">
<legend class="border-bottom mb-4">Join Today</legend>
{{ form|crispy }}
</fieldset>
<div class="form-group">
<button class="btn btn-outline-info" type="submit">Sign Up</button>
</div>
</form>
<div class="border-top pt-3">
<small class="text-muted">
Already Have An Account? <a class="ml-2" href="{% url 'login' %}">Sign In</a>
</small>
</div>
</div>
{% endblock content %}
Try just removing #login_required from your profile view.
Since Django decorators work top-down, #login_required will kick in before #admin_required. But from https://pypi.org/project/django-simple-rest/:
admin_required simply makes sure that the user is logged in and is
also a super user before they will be granted access to the decorated
view method.
So, I think that #admin_required will already check if the user is logged in.
Related
Good day,
I am making a Django application,
I want to call my data that the user signs up with and to display the information they submitted as:
Name
Email
Then I want to be able to change that data and then I want to save it, and reload back into the dashboard, but when I am updating my 'update_profile.html' the info is not updating, I can; add form data and change it
What am I doing wrong?
My code below:
views.py
from django.shortcuts import render, redirect, HttpResponse
from django.contrib import messages, auth
from django.contrib.auth.models import User
from django.contrib.auth.decorators import login_required
from contacts.models import Contact
def register(request):
if request.method == 'POST':
# Get form values
first_name = request.POST['first_name']
last_name = request.POST['last_name']
username = request.POST['username']
email = request.POST['email']
password = request.POST['password']
password2 = request.POST['password2']
# Check if passwords match
if password == password2:
# Check username
if User.objects.filter(username=username).exists():
messages.error(request, 'That username is taken')
return redirect('register')
else:
if User.objects.filter(email=email).exists():
messages.error(request, 'That email is being used')
return redirect('register')
else:
# Looks good
user = User.objects.create_user(
username=username, password=password, email=email, first_name=first_name, last_name=last_name) # noqa
# Login after register
auth.login(request, user)
messages.success(request, 'You are now logged in')
return redirect('index')
# user.save()
# messages.success(
# request, 'You are now registered and can log in')
# return redirect('login')
else:
messages.error(request, 'Passwords do not match')
return redirect('register')
else:
return render(request, 'accounts/register.html')
def login(request):
if request.method == 'POST':
username = request.POST['username']
password = request.POST['password']
user = auth.authenticate(username=username, password=password)
if user is not None:
auth.login(request, user)
messages.success(request, 'You are now logged in')
return redirect('dashboard')
else:
messages.error(request, 'Invalid credentials')
return redirect('login')
else:
return render(request, 'accounts/login.html')
def logout(request):
if request.method == 'POST':
auth.logout(request)
messages.success(request, 'You are now logged out')
return redirect('index')
#login_required(login_url='login')
def dashboard(request):
user_contacts = Contact.objects.order_by(
'-contact_date').filter(user_id=request.user.id)
context = {
'contacts': user_contacts
}
return render(request, 'accounts/dashboard.html', context)
#login_required(login_url='login')
def edit_profile(request, pk):
user = User.objects.get(id=pk)
if request.method == 'POST':
...
user.name = request.GET['name']
user.email_address = request.GET['email_address']
user.save()
return redirect('dashboard')
context = {
'user': user
}
return render(request, 'accounts/dashboard.html', context)
#login_required(login_url='login')
def delete_profile(request, pk):
user = User.objects.get(id=pk)
if request.method == 'POST':
...
user.name = request.GET['name']
user.email_address = request.GET['email_address']
user.delete()
return redirect('index')
context = {
'user': user
}
return render(request, 'index.html', context)
Then my urls
urls.py
from django.urls import path
from . import views
urlpatterns = [
path('register', views.register, name='register'),
path('login', views.login, name='login'),
path('logout', views.logout, name='logout'),
path('dashboard', views.dashboard, name='dashboard'),
path('edit_profile/<int:pk>/', views.edit_profile, name='edit_profile'),
]
Lastly My edit_profile.html
{% extends 'base.html' %}
{% block title %} | Edit Profile {% endblock %}
{% block content %}
<section id="showcase-inner" class="py-5 text-white">
<div class="container">
<div class="row text-center">
<div class="col-md-12">
<h1 class="display-4">User Dashboard</h1>
<p class="lead">Manage your BT Real Estate account</p>
</div>
</div>
</div>
</section>
<!-- Breadcrumb -->
<section id="bc" class="mt-3">
<div class="container">
<nav aria-label="breadcrumb">
<ol class="breadcrumb">
<li class="breadcrumb-item">
<a href="{% url 'index' %}">
<i class="fas fa-home"></i> Home</a>
</li>
<li class="breadcrumb-item active"> Dashboard</li>
</ol>
</nav>
</div>
</section>
{% comment %} Alerts {% endcomment %}
{% include 'partials/__alerts.html' %}
<section id="dashboard" class="py-4">
<div class="container">
<div class="row">
<div class="col-md-12">
<h2>Welcome {{ user.first_name }}
<a class="btn btn-info" href="{% url 'dashboard' %}">
Save Profile
</a>
<a class="btn btn-da nger" href="{% url 'dashboard' %}">
Del;ete Profile
</a>
</h2>
<h3>Account Details: </h3>
<form action="{% url 'contact' %}" method="POST">
{% csrf_token %}
{% if user.is_authenticated %}
<input type="hidden" name="user_id" value="{{ user.id }}">
{% else %}
<input type="hidden" name="user_id" value="0">
{% endif %}
<input type="hidden" name="realtor_email" value="{{ listing.realtor.email }}">
<input type="hidden" name="listing_id" value="{{ listing.id }}">
<div class="form-group">
<label for="property_name" class="col-form-label">Property:</label>
<input type="text" name="listing" class="form-control" value="{{ listing.title }}" >
</div>
<div class="form-group">
<label for="name" class="col-form-label">Name:</label>
<input type="text" name="name" class="form-control" {% if user.is_authenticated %} value="{{ user.first_name }} {{ user.last_name }}" {% endif %} required>
</div>
<div class="form-group">
<label for="email" class="col-form-label">Email:</label>
<input type="email" name="email" class="form-control" {% if user.is_authenticated %} value="{{ user.email }}" {% endif %} required>
</div>
<div class="form-group">
<label for="phone" class="col-form-label">Phone:</label>
<input type="phone" name="phone" class="form-control" {% if user.is_authenticated %} value="{{ user.phone }}" {% endif %} >
</div>
<input type="submit" value="Send" class="btn btn-block btn-secondary">
</form>
</div>
</div>
</div>
</section>
{% endblock %}
PLEASE HELP!
I have a comment model in my forum and when I try to submit it it says:
"Page not found - /POST?csrfmiddlewaretoken".
views.py:
#login_required
def comment(request, pk):
if request.method == 'POST':
form = CommentCreationForm(data=request.POST)
if form.is_valid():
comment.post = get_object_or_404(Post, pk=pk)
comment.writer = request.user
comment = form.save()
messages.info(request, 'comment published')
return JsonResponse({'message': 'Thank you for your comment'}, safe=False)
else:
form = CommentCreationForm()
html file:
<form action="POST"> {% csrf_token %}
{{ form.text.errors }}
<label for="{{ form.text.id_for_label }}">comment:</label>
{{ form.text }}
<button id="comment" type="submit">comment</button>
</form>
{% if error_message %}<p><strong>{{ error_message }}</strong></p>{% endif %}
urls.py:
path('<int:pk>/comment/', views.comment, name='comment'),
By the way, can you help me make it in ajax?
You have to add url to the attribute action and POST to method attribute:
<form action="{% url 'comment' post.pk %}" method="POST"> {% csrf_token %}
{{ form.text.errors }}
<label for="{{ form.text.id_for_label }}">comment:</label>
{{ form.text }}
<button id="comment" type="submit">comment</button>
</form>
Also provide post.pk in {% url 'comment' post.pk %}.
I am making todo application and i am having problem doing the update operation
views.py
def update(request, task_id):
task = Task.objects.get(pk=task_id)
if request.method == 'POST':
form = TaskForm(request.POST or None, instance=task)
if form.is_valid():
form.save()
return redirect('/')
return render(request, 'update.html', {'task': task})
forms.py
class TaskForm(forms.ModelForm):
class Meta:
model = Task
fields = '__all__'
urls.py
path('update/<int:task_id>', views.update, name='update'),
update.html
{% extends 'base.html' %}
{% block content %}
{% if task %}
<form class="form-inline my-2 my-lg-0" method="POST" >
{% csrf_token %}
<input type="search" class="form-control mr-sm-2" name="task" value="{{task.text}}">
<input type="hidden" name="completed" value="{{task.completed}}">
<button type="submit" class="btn btn-outline-secondary my-2 ">Edit Task</button>
</form>
{% endif %}
{% endblock %}
I am able to get the Value of the selected item in textbox but when i edit it and press Edit Task Nothing happens .
# The url name is update, so your action submit should go to 'update'
<form action="{% url 'update' task_id=task.pk %}" method="POST" class="form-inline my-2 my-lg-0">
…
</form>
To allow Django's allauth to work on my homepage, I copied the allauth HTML for the login and signup forms to my own base.html (The login form can be seen here).
So this successfully renders the form and its fields on my homepage. However, when I click submit on the login form, it just redirects me to allauth's /accounts/login URL, which renders the same form. Only after that does submitting the form work. It's the same with the signup form when I submit the signup form on my homepage, it redirects me to /accounts/signup and then the signup works after submitting again. How can I make the login/signup work initially from my homepage?
My urls and views:
urls.py
urlpatterns = [
url(r'^$', views.boxes_view, name='news'),
url(r'^accounts/', include('allauth.urls')),
]
views.py
def boxes_view(request):
search = request.GET.get('search')
posts = Post.objects.all().filter(category=1).order_by('-date')
if search:
posts = posts.filter(Q(title__icontains=search)|Q(content__icontains=search))
else:
posts = Post.objects.all().filter(category=1).order_by('-date')
context = {'posts': posts,}
return render(request, 'polls.html', context)
base.html
...
{% load i18n %}
<form class="login" method="POST" action="{% url 'account_login' %}">
<div class="loginWrapper">
<div class="loginNested">
<div class="loginBox">
{% csrf_token %}
{{ form.as_p }}
{% if redirect_field_value %}
<input type="hidden" name="{{ redirect_field_name }}" value="{{ redirect_field_value }}" />
{% endif %}
<a class="button secondaryAction" href="{% url 'account_reset_password' %}">{% trans "Forgot Password?" %}</a>
<button class="primaryAction" type="submit">{% trans "Sign In" %}</button>
</div>
</div>
</div>
</form>
...
I have what is probably a very basic question. I have read through Django forms docs but am still missing something here. I want to have a search bar in one template (search.html) and return the search query in another template (results.html). I have the following so far, using this SO answer as a guide, which returns the following error. Thanks for any help.
Exception Value:
results() missing 1 required positional argument: 'search_id'
urls.py
urlpatterns = [
url(r'^$', views.index, name='index'),
url(r'^landing/', views.search, name='search'),
url(r'^results/', views.results, name='results'),
]
forms.py
from .models import Apartment
class Apt(forms.ModelForm):
class Meta:
model = Apartment
fields = ('name')
views.py
def search(request):
if request.method == 'POST': #the form has been submitted
form = Apt(request.POST) #bound form
if form.is_valid(): #validations have passed
name = form.cleaned_data['name']
u = Apt.objects.create(name=name)
#REST query will go here.
#commit to database
u.save()
return redirect('results', search_id=u.name)
else: #create an unbound instance of the form
form = Apt(initial={'name':'name'})
#render the form according to the template, context = form
return render(request, 'search/landing.html', {'form':form})
def results(request, search_id):
search_id = request.POST.get('name')
query = get_object_or_404(Apt, pk=search_id)
return render(request, 'search/results.html', {'query':query} )
landing.html
{% extends "base_simple.html" %}
{% block title %}Look up your name{% endblock %}
{% block main_content %}
<!-- Intro Header -->
<header class="intro">
<div class="intro-body">
<div class="container">
<div class="inner cover">
<h1 class="cover-heading">find your name</h1>
<form id="searchform" method="POST" action="" accept-charset="utf-8">
{% csrf_token %}
<input id="apt" type="text" class="form-control" placeholder="Apartment Name" value="{{ Apt.name }}">
<input type="submit" value="Search" class="btn btn-lg btn-default">
</form>
</div>
</div>
</div>
</header>
{% endblock %}
results.html
{% extends "base_simple.html" %}
{% block title %}search results{% endblock %}
{% block main_content %}
<div class='col-sm-6 col-sm-offset-3'>
<div class="row">
<div class="col-sm-12">
{% for q in query %}
<div class="jumbotron">
<h3>{{ q.name }}</h3>
</div>
{% endfor %}
</div>
</div>
<hr/>
</div>
{% endblock %}
in urls you need to change result to
url(r'^results/(?P<search_id>.+)/', views.results, name='results'),
Named groups in the regex are passed as arguments to the view
You should also remove the line search_id = request.POST.get('name') from your results view as the redirect will not contain any POST data