I want to create an Admin-only page for my GAE application. But I found there's no way to set a Admin user, so I cannot log on the page I created and test the function. I tried the local Admin console, but no luck. How can I do this?
Google App Engine provides a pretty straightforward way to create a private admin section of your web application.
1.
In your app.yaml, any URL handler can have a login setting to restrict visitors to only those users who have signed in, or just those users who are administrators for the application.
If the setting is login: admin, once the user has signed in, the handler checks whether the user is an administrator for the application. If not, the user is given an error message; if the user is an administrator, the handler proceeds.
Here a snippet of app.yaml where the /admin/.* routes are admin restricted :
- url: /admin/.*
script: admin.py
login: admin
2.
Trying to access the admin url, the dev app server automatically shows the login panel where you should check the Sign in as Administrator checkbox.
When you log in (the blue box where you enter the email) there is a checkbox to apply the administrator flag to your session.
You can define admin only pages in your app.yaml, like so:
- url: /secrets/
script: /secrets/example.py
login: admin
an admin is whoever is so defined in your appengine.google.com control panel, under permissions.
Related
I'm using this package called django_hosts to re-route urls for some apps.
Everything is working fine except for the fact that django_hosts is not working with Django Authentication.
I hosted this url api.example.com, so on this page with the url api.example.com:8000/add_post, I want users to add post but before doing that you must be authenticated. So after I logged in, I still can't submit post via the form talkless of posting. But when I go back to example.com, it shows that I'm logged in but api.example.com is telling me otherwise.
How do I make django authentication work with this package?
The problem is that the authentication token is hooked to the domain. Using Django's default configuration, the api.example.com can't access the example.com auth token.
You can change this behaviour by setting the SESSION_COOKIE_DOMAIN configuration in your settings.py module:
SESSION_COOKIE_DOMAIN = 'example.com'
But not too fast! Do it carefully, otherwise you can break your application:
Be cautious when updating this setting on a production site. If you
update this setting to enable cross-domain cookies on a site that
previously used standard domain cookies, existing user cookies will be
set to the old domain. This may result in them being unable to log in
as long as these cookies persist.
More info on the official documentation.
I am trying to use django social auth to auth via facebook.
I used this documentation to make changes in my django project and to create and setup the facebook app. I am running django project on local server. The project has url http://127.0.0.1:8000. When hit the following link on my project's web page:
Template
<p>Facebook</p>
Rendered template
<p>Facebook</p>
it redirects me to a facebook page where I can see the following message:
Given URL is not allowed by the Application configuration: One or more
of the given URLs is not allowed by the App's settings. It must match
the Website URL or Canvas URL, or the domain must be a subdomain of
one of the App's domains.
How to change facebook app's settings to allow
http://127.0.0.1:8000?
upd
Added localhost to app domains and http://localhost:8000/ to site URL in my fb app's settings.
The Facebook app doesn't allow IP addresses like that, but it does allow localhost. In the App Domains on the Settings tab you need to add localhost. What sucks is that other services (such as twitter) don't accept localhost and you can only use 127.0.0.1:8000, which means you have to switch back and forth.
It works for local development, but it's not pretty.
EDIT:
You also need to add http://localhost:8000/ to the Site URL first
I am deploying a website that has an /admin/ page where staff and the superuser access the database tables.
In settings.py I changed these settings to put the site into production mode.
DEBUG = False
TEMPLATE_DEBUG = False
Issue is this has caused my admin site to show only black links on the applications where i cannot view, edit or add rows to the tables even if logged in as a super user.
What settings have i got wrong?
I found the solution here in this self answer:
django on apache - admin page links are VISIBLE but not CLICKABLE
Issue is i should be using a separate admin.py file, not putting things that should be in there in the model.py file.
web2py application administration is by default located on:
http://127.0.0.1:8000/admin/default/site
Is it possible to change "admin" to be something else (for example):
http://127.0.0.1:8000/appadmin/default/site
and if it is possible how that is achieved?
admin is just an app.
On windows open windows explorer and go to \web2py\applications\ right click on "admin" folder an then click in rename.
On Linux.
cd path/to/web2py/applications
mv admin newadmin
This answer is correct, but more changes needs to be done.
In your case, to change url from /admin to /appadmin do following steps
Rename admin app folder name to appadmin
Fix broken links to admin app
In your_app/controllers/appadmin.py, search all links to admin app and replace it with links to appadmin app
Change creation of links to error pages
Update routes.py, to route errors to appadmin app and not admin app
For detailed steps read How to change admin app url in web2py?
After a user has logged into the admin interface is it possible to redirect them to a specific page?
I want to redirect to the list of entries for a particular model.
I'm using Django 1.3
Cheers!
You can set the default redirect url (on login) in your settings.py
LOGIN_REDIRECT_URL = "/admin/mymodel/"
https://docs.djangoproject.com/en/dev/ref/settings/?from=olddocs#login-redirect-url
Look at ticket 14510 .
Seems django admin doesn't support LOGIN_REDIRECT_URL settings and you should subclass AdminSite.