Django 1.2会话丢失 [英] Django 1.2 session loss
问题描述
我之前也曾问过类似的问题,但我进行了更多研究,并且此迭代应该有所不同.似乎有几个SO用户在单一视图中注册和登录用户时遇到了问题,但实际上并没有得到解决.
I've asked a similar question before, but I've done some more research and this iteration should be a bit different. It seems as though several SO users have had an issue with registering and logging in users in a single view and it hasn't really been answered.
问题是我在单个Django视图中注册,认证和登录用户.对于大多数用户来说,这很好,但对于其他用户,他们的后续请求(他们单击我网站上的链接)将返回一个匿名用户.不知何故,已登录的用户丢失了会话,并被重定向到我的站点e上不需要身份验证的页面.
The issue is that I register, authenticate, and login a user in a single Django view. For most users that's fine, but for other users, their subsequent request (they click a link on my site) returns an Anonymous User. Somehow, the logged in user loses their session and is redirected to a page on my sit ethat doesn't require authentication.
当他们然后通过纯登录视图(而不是寄存器+登录视图)登录时,会话数据保持原样.问题实际上似乎是在单个视图中注册和登录.
When they then log in via a pure login view (as opposed to the register + login view), the session data stays in tact. The issue really seems to be registering and logging in a single view.
有关同一问题,请参见此帖子: https://stackoverflow.com/questions/1693726/problem-with-combined-authentication-login-view .
See this post for the same issue: https://stackoverflow.com/questions/1693726/problem-with-combined-authentication-login-view.
已建议这可能是线程问题.我还看到它建议它与缓存会话数据的后端有关.
It has been suggested that this is potentially a threading issue. I've also seen it suggested that it relates to the backend for caching session data.
对它真正与之相关的任何想法吗?我无法重现该错误,这确实使我退缩了.
Any thoughts on what it really relates to? I can't reproduce the error, which is really holding me back.
编辑-我应该注意,我正在使用默认的数据库支持的会话.
EDIT--I should note that I'm using the default database backed sessions.
这是我的注册/登录视图
Here is my register/login view
def splash_register(request):
if request.session.get('beta'):
if request.method=='POST':
userform=MyUserCreationForm(request.POST)
if userform.is_valid():
#username of <30 char is required by Django User model. I'm storing username as a hash of user email
user=userform.save(commit=False)
user.username=hash(user.email)
user.save()
username=user.username
password=str(userform.cleaned_data['password'])
user=auth.authenticate(username=username, password=password)
if user is not None:
auth.login(request,user)
request.session['first_visit']=True
return HttpResponseRedirect("/")
else:
return HttpResponseRedirect('/splash/register/')
else:
userform=MyUserCreationForm(request.POST)
return render_to_response("website/splash_register.html", {'userform':userform}, context_instance=RequestContext(request))
return render_to_response("website/splash_register.html", context_instance=RequestContext(request))
else:
return HttpResponseRedirect('/splash/')
推荐答案
您不必使用身份验证,在这种情况下,它并不是真正需要的.您所需要做的就是设置用户记录的后端.
You don't have to use authenticate and, in this scenario, it's not really needed. All you need to do is set the backend of the user record.
所以类似的事情会起作用:
So something like this would work:
def splash_register(request):
if request.session.get('beta'):
if request.method=='POST':
userform=MyUserCreationForm(request.POST)
if userform.is_valid():
#username of <30 char is required by Django User model. I'm storing username as a hash of user email
user=userform.save(commit=False)
user.username=hash(user.email)
user.backend='django.contrib.auth.backends.ModelBackend'
user.save()
username=user.username
password=str(userform.cleaned_data['password'])
auth.login(request, user)
request.session['first_visit']=True
return HttpResponseRedirect("/")
else:
userform=MyUserCreationForm(request.POST)
return render_to_response("website/splash_register.html", {'userform':userform}, context_instance=RequestContext(request))
return render_to_response("website/splash_register.html", context_instance=RequestContext(request))
else:
return HttpResponseRedirect('/splash/')
更新
我在评论中提到了这一点,但是对于答案"而言,解决方案是将其添加到您的设置文件中:
Update
I mentioned this in a comment, but in terms of an "answer" the solution is to add this to your settings file:
SESSION_COOKIE_DOMAIN = 'yourdomain.com'
这将允许来自www.yourdomain.com 或 yourdomain.com的用户登录网站.
This will allow users coming in from www.yourdomain.com or yourdomain.com to log in to the website.
这篇关于Django 1.2会话丢失的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!