无法使用有效的用户名和密码登录 django 管理页面

Posted

技术标签:

【中文标题】无法使用有效的用户名和密码登录 django 管理页面【英文标题】:Not able to log in to the django admin page with a valid username and password 【发布时间】:2014-06-01 17:42:49 【问题描述】:

已编辑:

我在亚马逊 AWS 上托管了一个网站,域名为 (www.abc.com)。

首先:我尝试登录 django 管理站点,但它再次重定向到同一页面而没有显示任何错误(注意:用户名和密码正确)

第二:注册成功后,尝试使用用户名和密码登录django内部页面: 它通过在 url 之间添加 next 关键字重定向到相同的登录页面。

http://www.abc.com/login/?next=/employee/jcbdfvdhdfhvhdfsvsdhfhb-super-admin/home/dashboard/

调查服务器后发现一件事:

我已停止所有应用程序,如 wsgi 、 suprervisorctl 、 ngnix 等。 然后在 ec2 aws 控制台(终端)上运行以下命令

 python manage.py   xxx.xx.xx.xx:8000 

注意: xxx.xx.xx.xx 是我的域名(www.abc.com)IP

成功登录django-admin-site和项目内部页面。

有什么,我在 djano-settings 中丢失了吗? 我被这个问题困扰了很长时间。任何答案都将是可观的。

请问您是否需要我项目中的代码。

从这里检查所有选项:Unable log in to the django admin page with a valid username and password

编辑 settings.py 文件:

import sys, os
from os.path import abspath, basename, dirname, join, normpath

### from 2 scoops of django
# Normally you should not import
# ANYTHING from Django directly into
# your abc_settings, but
# ImproperlyConfigured is an
# exception.
from django.core.exceptions \
    import ImproperlyConfigured

msg_get ="Set the %s environment variable"
msg_unset ="The %s environment variable not defined"

def get_env_variable(var_name):
    try:
        return os.environ[var_name]
    except KeyError:
        error_msg = msg_get % var_name
        raise ImproperlyConfigured(error_msg)

def set_env_variable(var_name, value_str):
    os.environ[var_name] = value_str

def unset_env_variable(var_name):
    try:
        del os.environ[var_name]
    except KeyError:
        error_msg = msg_unset % var_name
        raise ImproperlyConfigured(error_msg)
### end snippet

ATOMIC_REQUESTS = True

########## PATH CONFIGURATION

# Absolute filesystem path to this Django project directory.
DJANGO_ROOT = dirname(dirname(dirname(abspath(__file__))))
CONFIG_ROOT = dirname(dirname(abspath(__file__)))

import sys


sys.path.append(normpath(join(DJANGO_ROOT, 'apps')))

# Site name.
SITE_NAME = basename(DJANGO_ROOT)
SITE_ID = 1
# Absolute filesystem path to the top-level project folder.
SITE_ROOT = dirname(DJANGO_ROOT)

# Add all necessary filesystem paths to our system path so that we can use
# python import statements.
sys.path.append(SITE_ROOT)
#sys.path.append(normpath(join(DJANGO_ROOT, 'apps')))
#sys.path.append(normpath(join(DJANGO_ROOT, 'libs')))
#########/# END PATH CONFIGURATION

########## SECURITY CONFIGS
def set_secret_key_env():
    # Generating a SECRET_KEY. Will be auto-generated the first time this file is interpreted.
    try:
        os.environ['SECRET_KEY']
    except KeyError:
        import random
        os.environ['SECRET_KEY'] = \
            ''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)])

#tocheck - is it ok to uncomment this or should we use this to generate a secret key and set it normally,
#tocheck - in production on heroku for ex?
set_secret_key_env()
SECRET_KEY = get_env_variable('SECRET_KEY')

BROKER_URL = 'redis://localhost:6379/0'
CELERY_RESULT_BACKEND = "redis://"
CELERY_TRACK_STARTED = True
########## END CELERY CONFIGURATION
########## DJANGO-TEMPLATED-EMAIL CONFIGURATION
TEMPLATED_EMAIL_BACKEND = 'templated_email.backends.vanilla_django.TemplateBackend'
TEMPLATED_EMAIL_TEMPLATE_DIR = 'communication/email/' #use '' for top level template dir, ensure there is a trailing slash
TEMPLATED_EMAIL_FILE_EXTENSION = 'email'
########## END DJANGO-TEMPLATED-EMAIL CONFIGURATION
########## MANAGER CONFIGURATION
# Admin and managers for this project. These people receive private site
# alerts.
#tothink - should this be different for different environments
ADMINS = (
    ('Nirmal', 'nighggngh@abc.com'),
    ('Harsha', 'jjjjjjjgarkkwal@abc.com'),
)
########## URL CONFIGURATION
ROOT_URLCONF = '%s.urls' %SITE_NAME
########## END URL CONFIGURATION

MANAGERS = ADMINS
########## END MANAGER CONFIGURATION

########## GENERAL CONFIGURATION
# Hosts/domain names that are valid for this site; required if DEBUG is False
# See https://docs.djangoproject.com/en/1.5/ref/abc_settings/#allowed-hosts
ALLOWED_HOSTS = ['www.abc.com']

TIME_ZONE = 'Asia/Kolkata'

WSGI_APPLICATION = 'abc.wsgi.application'

# If you set this to False, Django will not use timezone-aware datetimes.
USE_TZ = False

# Language code for this installation. All choices can be found here:
# http://www.i18nguy.com/unicode/language-identifiers.html.
LANGUAGE_CODE = 'en-us'


USE_I18N = False

# If you set this to False, Django will not format dates, numbers and
# calendars according to the current locale.
USE_L10N = True
########## END GENERAL CONFIGURATION
########## EMAIL CONFIGURATION
#todo - should probably go into environment variables
#todo - get actual domain email etc
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.abc.com'
EMAIL_PORT = 587
#change this to proper email with hems domain
EMAIL_HOST_USER = 'abc@abc.com'
EMAIL_HOST_PASSWORD ='websupport2307'
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL  = 'abc@abc.com'
#EMAIL_USE_TLS = True
# ########## END EMAIL CONFIGURATION

########## MEDIA CONFIGURATION
# Absolute filesystem path to the directory that will hold user-uploaded files.
MEDIA_ROOT = normpath(join(DJANGO_ROOT, 'media')).replace('\\','/')

# URL that handles the media served from MEDIA_ROOT.
MEDIA_URL = '/media/'
########## END MEDIA CONFIGURATION
AUTHENTICATION_BACKENDS = ('custom.backends.EmailOrUsernameModelBackend','django.contrib.auth.backends.ModelBackend')

STATIC_ROOT = normpath(join(DJANGO_ROOT, 'final_static'))

# URL prefix for assets files.
STATIC_URL = '/static/'

# URL prefix for admin assets files -- CSS, javascript and images.
ADMIN_MEDIA_PREFIX = '/assets/admin/'

# Additional locations of assets files.
STATICFILES_DIRS = (
    normpath(join(DJANGO_ROOT, 'static')),
    )

# List of finder classes that know how to find assets files in various
# locations.
STATICFILES_FINDERS = (
    'django.contrib.staticfiles.finders.FileSystemFinder',
    'django.contrib.staticfiles.finders.AppDirectoriesFinder',
    #'django.contrib.staticfiles.finders.DefaultStorageFinder',
    )

TEMPLATE_CONTEXT_PROCESSORS =('django.contrib.messages.context_processors.messages',
                              'django.contrib.auth.context_processors.auth',
                              "django.core.context_processors.request"
                                )

TEMPLATE_LOADERS = (
    'django.template.loaders.filesystem.Loader',
    'django.template.loaders.app_directories.Loader',
    #'django.template.loaders.eggs.Loader',
    )

# Directories to search when loading templates.
TEMPLATE_DIRS = (
    normpath(join(DJANGO_ROOT, 'templates')),
    normpath(join(DJANGO_ROOT, 'templates/Home_Page')),
    normpath(join(DJANGO_ROOT, 'templates/Marketplace')),
    normpath(join(DJANGO_ROOT, 'templates/Organisation')),
    normpath(join(DJANGO_ROOT, 'templates/Organisation_Role')),
    normpath(join(DJANGO_ROOT, 'templates/base')),
    normpath(join(DJANGO_ROOT, 'templates/external')),
    normpath(join(DJANGO_ROOT, 'templates/certificates')),
    normpath(join(DJANGO_ROOT, 'templates/password_reset')),
    normpath(join(DJANGO_ROOT, 'templates/support_dashboard')),
    )

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
  #  'django.contrib.sessions.backends.signed_cookies',
    'custom.subdomain.SubdomainMiddleware', #middleware for subdomain
    )


INSTALLED_APPS = (
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.sites',
    'django.contrib.messages',
    'django.contrib.staticfiles',

    #    # Admin panel and documentation.

    'django.contrib.admin',
    #   'django.contrib.admindocs',

    # South migration tool.
    'south',
    # Celery task queue.
    'djcelery',
    'apps.certificates',
    'apps.account_subscription',
    'apps.common_ds',
    'apps.location',
    'apps.communication,
    'apps.transanction_history',
    'rest_framework',
    'apps.external_user',
    'gunicorn',
    #'notification'
    #django extensions (recommended by 2 scoops of django)
 )

 import djcelery
djcelery.setup_loader()

CELERY_IMPORTS = (
    'apps.communication.functionality.email',
    'apps.organisation_roles.functionality.parse_employees_from_file',
)


LOGGING = 
    'version': 1,
    'disable_existing_loggers': False,
    'handlers': 
        'file': 
            'level': 'INFO',
            'class': 'logging.FileHandler',
            'filename': '/home/ubuntu/logs/abc/logger.log',
        ,
    ,
    'loggers': 
        'django.request': 
            'handlers': ['file'],
            'level': 'INFO',
            'propagate': True,
        ,
    ,



AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
SESSION_SAVE_EVERY_REQUEST = True
SESSION_COOKIE_AGE = 86400 # sec
SESSION_COOKIE_DOMAIN = '.abc.com'
SESSION_COOKIE_NAME = 'DSESSIONID'
SESSION_COOKIE_SECURE = False



DEBUG = True
TEMPLATE_DEBUG = DEBUG
LOGIN_URL = '/login/'
########## END DEBUG CONFIGURATION



########## DATABASE CONFIGURATION
#todo should go into environment variables
import dj_database_url
import os
if not os.environ.has_key('DATABASE_URL'):
    os.environ['DATABASE_URL'] = 'postgres://abc:abc@abc-db.us-east-1.rds.amazonaws.com/dev_abc_db'

DATABASES = 
    'default': dj_database_url.config(default=os.environ['DATABASE_URL'])

【问题讨论】:

/employee/jcbdfvdhdfhvhdfsvsdhfhb-super-admin/home/dashboard/ 的服务器响应是什么?也许您没有正确检查用户是否已登录... ITs 追加下一个,而不是进入仪表板,它再次进入登录页面: url : login/?next=/employee/jcbdfvdhdfhvhdfsvsdhfhb-super-admin/home/dashboard/ 注意:用户名和密码已经过验证,我在shell上检查过了 您使用的是自定义身份验证模型吗?您是否可以发布您的设置文件并检查您的 nginx 错误日志以查看它是否遇到任何问题? 对于日志处理程序,我使用了 django auth 模型。但是让我的 loginMixin 处理程序来保存用户名和密码 【参考方案1】:

这可能看起来像是“唾手可得的果实”,但我也时常遇到这样的问题(登录到 Django Admin 后却无缘无故返回到登录页面)。每次都被证明是一种解决方案是清除我的浏览器缓存和 cookie……所有这些(而不是仅仅在最后一个小时左右)。

希望这会有所帮助。

【讨论】:

【参考方案2】:

您的设置文件看起来不错。您是否将 Gunicorn 与多个工人一起使用,如果是,则仅尝试与单个工人一起使用。实际上会话不会在多个工作人员之间传输,除非您将一些中间层存储组件(如 memcached 或 redis)带入其中。前段时间面临同样的问题。希望它能解决你的问题:)

【讨论】:

感谢@ankurDloader,这拯救了一天!因为没有任何错误迹象可以解决我使用 django 的登录问题!【参考方案3】:

首先尝试注释掉以下所有行, 并重新启动您的服务器...

#AUTHENTICATION_BACKENDS = ('custom.backends.EmailOrUsernameModelBackend','django.contrib.auth.backends.ModelBackend')

#   'apps.communication,

#AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
#SESSION_EXPIRE_AT_BROWSER_CLOSE = True
#SESSION_SAVE_EVERY_REQUEST = True
#SESSION_COOKIE_AGE = 86400 # sec
#SESSION_COOKIE_DOMAIN = '.abc.com'
#SESSION_COOKIE_NAME = 'DSESSIONID'
#SESSION_COOKIE_SECURE = False

我注意到的事情:

1:在 INSTALLED_APPS 中,'apps.communication 后面缺少撇号

INSTALLED_APPS = (
   'django.contrib.auth',
   # -- snip --
   'apps.communication,
)

2:您定义了两次 AUTHENTIOCATION_BACKENDS。在这种情况下,您的第二个元组只是踩在第一个元组上。

3:身份验证后端的顺序很重要。

4:您不需要列出“django.contrib.auth.backends.ModelBackend”,因为如果“django.contrib.auth”在您的 INSTALLED_APPS 中,它将被搜索。 (您已配置)

【讨论】:

以上是关于无法使用有效的用户名和密码登录 django 管理页面的主要内容,如果未能解决你的问题,请参考以下文章

我无法使用有效的用户名和密码登录 Django 管理页面,它返回 % csrf_token % 禁止的 404 错误消息

无法使用正确的用户名和密码登录到 Django 管理员

无法登录到 Django 管理站点

无法使用用户名/密码登录令牌端点:drf 令牌身份验证和自定义用户模型,Django

在django中创建帐户后无法登录

Django忘记管理员账号和密码的解决办法