Django表单错误赢得';t显示
我已经建立了一个“防火墙”登录表单,我想把它放在我的 实际生产的网站,而我开发的网站。我们的想法是尝试 让“坏人”远离网站,同时看看会发生什么 他们使用的用户名和密码。我的问题是 如果我输入了无效的用户名/密码对,我的表单将显示错误消息 没有显示。我意识到,就我的目的而言,它可能是 最好不要显示任何错误消息,但我仍然希望 了解问题所在。有人能看出我做错了什么吗 谢谢Django表单错误赢得';t显示,django,django-templates,django-views,Django,Django Templates,Django Views,我已经建立了一个“防火墙”登录表单,我想把它放在我的 实际生产的网站,而我开发的网站。我们的想法是尝试 让“坏人”远离网站,同时看看会发生什么 他们使用的用户名和密码。我的问题是 如果我输入了无效的用户名/密码对,我的表单将显示错误消息 没有显示。我意识到,就我的目的而言,它可能是 最好不要显示任何错误消息,但我仍然希望 了解问题所在。有人能看出我做错了什么吗 谢谢 # views.py import logging logger = logging.getLogger(__name__) fr
# views.py
import logging
logger = logging.getLogger(__name__)
from django.contrib.auth import authenticate
from django.contrib.auth.forms import AuthenticationForm
from django.contrib.auth.views import login
from django.http import HttpResponseRedirect
def firewall_login(request, *args, **kwargs):
if request.method == "POST":
form = AuthenticationForm(request, data=request.POST)
username = request.POST['username']
password = request.POST['password']
if form.is_valid():
fw_username = form.cleaned_data['username']
fw_password = form.cleaned_data['password']
user = authenticate(username=fw_username, password=fw_password)
if user is not None:
if user.is_active:
login(request, user)
logger.info("User '%s' logged in." % fw_username)
return HttpResponseRedirect("/accounts/profile/")
else:
logger.info("User '%s' tried to log in to disabled account." % fw_username)
return HttpResponseRedirect("/accounts/disabled/")
else:
logger.info("User '%s' tried to log in with password '%s'." % (username, password))
form = AuthenticationForm(request) # Display bound form
else:
form = AuthenticationForm() # Display unbound form
return render(request, "registration/login.html", {"form": form,})
# login.html
{% extends "base.html" %}
{% block content %}
{% if form.errors %}
<p class="alert alert-error">Sorry, that's not a valid username or password</p>
{% endif %}
{% if form.errors %}
{% for field in form %}
{% for error in field.errors %}
<div class="alert alert-error">
<strong>{{ error|escape }}</strong>
</div>
{% endfor %}
{% endfor %}
{% for field in form.non_field_errors %}
<div class="alert alert-error">
<strong>{{ error|escape }}</strong>
</div>
{% endfor %}
{% endif %}
<form action="" method="post">
{% csrf_token %}
<p><label for="username">Username:</label>{{ form.username }}</p>
<p><label for="password">Password:</label>{{ form.password }}</p>
<input type="hidden" name="next" value="{{ next|escape }}" />
<input class="btn btn-primary" type="submit" value="login" />
</form>
{% endblock %}
#views.py
导入日志记录
logger=logging.getLogger(_名称__)
从django.contrib.auth导入验证
从django.contrib.auth.forms导入AuthenticationForm
从django.contrib.auth.views导入登录
从django.http导入HttpResponseRedirect
def防火墙登录(请求、*args、**kwargs):
如果request.method==“POST”:
表单=身份验证表单(请求,数据=request.POST)
username=request.POST['username']
password=request.POST['password']
如果form.is_有效():
fw_username=form.cleaned_数据['username']
fw_password=表单。已清除的_数据['password']
用户=验证(用户名=fw\u用户名,密码=fw\u密码)
如果用户不是无:
如果user.u处于活动状态:
登录(请求、用户)
logger.info(“用户“%s”已登录。”%fw\u用户名)
返回HttpResponseRedirect(“/accounts/profile/”)
其他:
logger.info(“用户“%s”试图登录到禁用的帐户。”%fw\u用户名)
返回HttpResponseRedirect(“/accounts/disabled/”)
其他:
logger.info(“用户“%s”试图使用密码“%s”登录。”%(用户名,密码))
表单=身份验证表单(请求)#显示绑定表单
其他:
表单=AuthenticationForm()#显示未绑定表单
返回呈现(请求,“registration/login.html”,{“form”:form,})
#login.html
{%extends“base.html”%}
{%block content%}
{%if form.errors%}
抱歉,这不是有效的用户名或密码
{%endif%}
{%if form.errors%}
{%形式的字段为%}
{%字段中有错误。错误%}
{{error | escape}}
{%endfor%}
{%endfor%}
{form.non_field_errors%}
{{error | escape}}
{%endfor%}
{%endif%}
{%csrf_令牌%}
用户名:{{form.Username}
密码:{form.Password}}
{%endblock%}
这是因为您传递了新的表单实例。在调用是否有效时进行验证
因此,只需删除else
块中的form=AuthenticationForm(request)
:
def firewall_login(request, *args, **kwargs):
if request.method == "POST":
form = AuthenticationForm(request, data=request.POST)
username = request.POST['username']
password = request.POST['password']
if form.is_valid():
fw_username = form.cleaned_data['username']
fw_password = form.cleaned_data['password']
user = authenticate(username=fw_username, password=fw_password)
if user is not None:
if user.is_active:
login(request, user)
logger.info("User '%s' logged in." % fw_username)
return HttpResponseRedirect("/accounts/profile/")
else:
logger.info("User '%s' tried to log in to disabled account." % fw_username)
return HttpResponseRedirect("/accounts/disabled/")
else:
logger.info("User '%s' tried to log in with password '%s'." % (username, password))
else:
form = AuthenticationForm() # Display unbound form
return render(request, "registration/login.html", {"form": form,})