无法使用有效的用户名和密码登录 django 管理页面
Posted
技术标签:
【中文标题】无法使用有效的用户名和密码登录 django 管理页面【英文标题】:Not able to log in to the django admin page with a valid username and password 【发布时间】:2014-06-01 17:42:49 【问题描述】:已编辑:
我在亚马逊 AWS 上托管了一个网站,域名为 (www.abc.com)。
首先:我尝试登录 django 管理站点,但它再次重定向到同一页面而没有显示任何错误(注意:用户名和密码正确)
第二:注册成功后,尝试使用用户名和密码登录django内部页面: 它通过在 url 之间添加 next 关键字重定向到相同的登录页面。
http://www.abc.com/login/?next=/employee/jcbdfvdhdfhvhdfsvsdhfhb-super-admin/home/dashboard/
调查服务器后发现一件事:
我已停止所有应用程序,如 wsgi 、 suprervisorctl 、 ngnix 等。 然后在 ec2 aws 控制台(终端)上运行以下命令
python manage.py xxx.xx.xx.xx:8000
注意: xxx.xx.xx.xx 是我的域名(www.abc.com)IP
成功登录django-admin-site和项目内部页面。
有什么,我在 djano-settings 中丢失了吗? 我被这个问题困扰了很长时间。任何答案都将是可观的。
请问您是否需要我项目中的代码。
从这里检查所有选项:Unable log in to the django admin page with a valid username and password
编辑 settings.py 文件:
import sys, os
from os.path import abspath, basename, dirname, join, normpath
### from 2 scoops of django
# Normally you should not import
# ANYTHING from Django directly into
# your abc_settings, but
# ImproperlyConfigured is an
# exception.
from django.core.exceptions \
import ImproperlyConfigured
msg_get ="Set the %s environment variable"
msg_unset ="The %s environment variable not defined"
def get_env_variable(var_name):
try:
return os.environ[var_name]
except KeyError:
error_msg = msg_get % var_name
raise ImproperlyConfigured(error_msg)
def set_env_variable(var_name, value_str):
os.environ[var_name] = value_str
def unset_env_variable(var_name):
try:
del os.environ[var_name]
except KeyError:
error_msg = msg_unset % var_name
raise ImproperlyConfigured(error_msg)
### end snippet
ATOMIC_REQUESTS = True
########## PATH CONFIGURATION
# Absolute filesystem path to this Django project directory.
DJANGO_ROOT = dirname(dirname(dirname(abspath(__file__))))
CONFIG_ROOT = dirname(dirname(abspath(__file__)))
import sys
sys.path.append(normpath(join(DJANGO_ROOT, 'apps')))
# Site name.
SITE_NAME = basename(DJANGO_ROOT)
SITE_ID = 1
# Absolute filesystem path to the top-level project folder.
SITE_ROOT = dirname(DJANGO_ROOT)
# Add all necessary filesystem paths to our system path so that we can use
# python import statements.
sys.path.append(SITE_ROOT)
#sys.path.append(normpath(join(DJANGO_ROOT, 'apps')))
#sys.path.append(normpath(join(DJANGO_ROOT, 'libs')))
#########/# END PATH CONFIGURATION
########## SECURITY CONFIGS
def set_secret_key_env():
# Generating a SECRET_KEY. Will be auto-generated the first time this file is interpreted.
try:
os.environ['SECRET_KEY']
except KeyError:
import random
os.environ['SECRET_KEY'] = \
''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)])
#tocheck - is it ok to uncomment this or should we use this to generate a secret key and set it normally,
#tocheck - in production on heroku for ex?
set_secret_key_env()
SECRET_KEY = get_env_variable('SECRET_KEY')
BROKER_URL = 'redis://localhost:6379/0'
CELERY_RESULT_BACKEND = "redis://"
CELERY_TRACK_STARTED = True
########## END CELERY CONFIGURATION
########## DJANGO-TEMPLATED-EMAIL CONFIGURATION
TEMPLATED_EMAIL_BACKEND = 'templated_email.backends.vanilla_django.TemplateBackend'
TEMPLATED_EMAIL_TEMPLATE_DIR = 'communication/email/' #use '' for top level template dir, ensure there is a trailing slash
TEMPLATED_EMAIL_FILE_EXTENSION = 'email'
########## END DJANGO-TEMPLATED-EMAIL CONFIGURATION
########## MANAGER CONFIGURATION
# Admin and managers for this project. These people receive private site
# alerts.
#tothink - should this be different for different environments
ADMINS = (
('Nirmal', 'nighggngh@abc.com'),
('Harsha', 'jjjjjjjgarkkwal@abc.com'),
)
########## URL CONFIGURATION
ROOT_URLCONF = '%s.urls' %SITE_NAME
########## END URL CONFIGURATION
MANAGERS = ADMINS
########## END MANAGER CONFIGURATION
########## GENERAL CONFIGURATION
# Hosts/domain names that are valid for this site; required if DEBUG is False
# See https://docs.djangoproject.com/en/1.5/ref/abc_settings/#allowed-hosts
ALLOWED_HOSTS = ['www.abc.com']
TIME_ZONE = 'Asia/Kolkata'
WSGI_APPLICATION = 'abc.wsgi.application'
# If you set this to False, Django will not use timezone-aware datetimes.
USE_TZ = False
# Language code for this installation. All choices can be found here:
# http://www.i18nguy.com/unicode/language-identifiers.html.
LANGUAGE_CODE = 'en-us'
USE_I18N = False
# If you set this to False, Django will not format dates, numbers and
# calendars according to the current locale.
USE_L10N = True
########## END GENERAL CONFIGURATION
########## EMAIL CONFIGURATION
#todo - should probably go into environment variables
#todo - get actual domain email etc
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.abc.com'
EMAIL_PORT = 587
#change this to proper email with hems domain
EMAIL_HOST_USER = 'abc@abc.com'
EMAIL_HOST_PASSWORD ='websupport2307'
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = 'abc@abc.com'
#EMAIL_USE_TLS = True
# ########## END EMAIL CONFIGURATION
########## MEDIA CONFIGURATION
# Absolute filesystem path to the directory that will hold user-uploaded files.
MEDIA_ROOT = normpath(join(DJANGO_ROOT, 'media')).replace('\\','/')
# URL that handles the media served from MEDIA_ROOT.
MEDIA_URL = '/media/'
########## END MEDIA CONFIGURATION
AUTHENTICATION_BACKENDS = ('custom.backends.EmailOrUsernameModelBackend','django.contrib.auth.backends.ModelBackend')
STATIC_ROOT = normpath(join(DJANGO_ROOT, 'final_static'))
# URL prefix for assets files.
STATIC_URL = '/static/'
# URL prefix for admin assets files -- CSS, javascript and images.
ADMIN_MEDIA_PREFIX = '/assets/admin/'
# Additional locations of assets files.
STATICFILES_DIRS = (
normpath(join(DJANGO_ROOT, 'static')),
)
# List of finder classes that know how to find assets files in various
# locations.
STATICFILES_FINDERS = (
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
#'django.contrib.staticfiles.finders.DefaultStorageFinder',
)
TEMPLATE_CONTEXT_PROCESSORS =('django.contrib.messages.context_processors.messages',
'django.contrib.auth.context_processors.auth',
"django.core.context_processors.request"
)
TEMPLATE_LOADERS = (
'django.template.loaders.filesystem.Loader',
'django.template.loaders.app_directories.Loader',
#'django.template.loaders.eggs.Loader',
)
# Directories to search when loading templates.
TEMPLATE_DIRS = (
normpath(join(DJANGO_ROOT, 'templates')),
normpath(join(DJANGO_ROOT, 'templates/Home_Page')),
normpath(join(DJANGO_ROOT, 'templates/Marketplace')),
normpath(join(DJANGO_ROOT, 'templates/Organisation')),
normpath(join(DJANGO_ROOT, 'templates/Organisation_Role')),
normpath(join(DJANGO_ROOT, 'templates/base')),
normpath(join(DJANGO_ROOT, 'templates/external')),
normpath(join(DJANGO_ROOT, 'templates/certificates')),
normpath(join(DJANGO_ROOT, 'templates/password_reset')),
normpath(join(DJANGO_ROOT, 'templates/support_dashboard')),
)
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
# 'django.contrib.sessions.backends.signed_cookies',
'custom.subdomain.SubdomainMiddleware', #middleware for subdomain
)
INSTALLED_APPS = (
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
# # Admin panel and documentation.
'django.contrib.admin',
# 'django.contrib.admindocs',
# South migration tool.
'south',
# Celery task queue.
'djcelery',
'apps.certificates',
'apps.account_subscription',
'apps.common_ds',
'apps.location',
'apps.communication,
'apps.transanction_history',
'rest_framework',
'apps.external_user',
'gunicorn',
#'notification'
#django extensions (recommended by 2 scoops of django)
)
import djcelery
djcelery.setup_loader()
CELERY_IMPORTS = (
'apps.communication.functionality.email',
'apps.organisation_roles.functionality.parse_employees_from_file',
)
LOGGING =
'version': 1,
'disable_existing_loggers': False,
'handlers':
'file':
'level': 'INFO',
'class': 'logging.FileHandler',
'filename': '/home/ubuntu/logs/abc/logger.log',
,
,
'loggers':
'django.request':
'handlers': ['file'],
'level': 'INFO',
'propagate': True,
,
,
AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
SESSION_SAVE_EVERY_REQUEST = True
SESSION_COOKIE_AGE = 86400 # sec
SESSION_COOKIE_DOMAIN = '.abc.com'
SESSION_COOKIE_NAME = 'DSESSIONID'
SESSION_COOKIE_SECURE = False
DEBUG = True
TEMPLATE_DEBUG = DEBUG
LOGIN_URL = '/login/'
########## END DEBUG CONFIGURATION
########## DATABASE CONFIGURATION
#todo should go into environment variables
import dj_database_url
import os
if not os.environ.has_key('DATABASE_URL'):
os.environ['DATABASE_URL'] = 'postgres://abc:abc@abc-db.us-east-1.rds.amazonaws.com/dev_abc_db'
DATABASES =
'default': dj_database_url.config(default=os.environ['DATABASE_URL'])
【问题讨论】:
/employee/jcbdfvdhdfhvhdfsvsdhfhb-super-admin/home/dashboard/ 的服务器响应是什么?也许您没有正确检查用户是否已登录... ITs 追加下一个,而不是进入仪表板,它再次进入登录页面: url : login/?next=/employee/jcbdfvdhdfhvhdfsvsdhfhb-super-admin/home/dashboard/ 注意:用户名和密码已经过验证,我在shell上检查过了 您使用的是自定义身份验证模型吗?您是否可以发布您的设置文件并检查您的 nginx 错误日志以查看它是否遇到任何问题? 对于日志处理程序,我使用了 django auth 模型。但是让我的 loginMixin 处理程序来保存用户名和密码 【参考方案1】:这可能看起来像是“唾手可得的果实”,但我也时常遇到这样的问题(登录到 Django Admin 后却无缘无故返回到登录页面)。每次都被证明是一种解决方案是清除我的浏览器缓存和 cookie……所有这些(而不是仅仅在最后一个小时左右)。
希望这会有所帮助。
【讨论】:
【参考方案2】:您的设置文件看起来不错。您是否将 Gunicorn 与多个工人一起使用,如果是,则仅尝试与单个工人一起使用。实际上会话不会在多个工作人员之间传输,除非您将一些中间层存储组件(如 memcached 或 redis)带入其中。前段时间面临同样的问题。希望它能解决你的问题:)
【讨论】:
感谢@ankurDloader,这拯救了一天!因为没有任何错误迹象可以解决我使用 django 的登录问题!【参考方案3】:首先尝试注释掉以下所有行, 并重新启动您的服务器...
#AUTHENTICATION_BACKENDS = ('custom.backends.EmailOrUsernameModelBackend','django.contrib.auth.backends.ModelBackend')
# 'apps.communication,
#AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
#SESSION_EXPIRE_AT_BROWSER_CLOSE = True
#SESSION_SAVE_EVERY_REQUEST = True
#SESSION_COOKIE_AGE = 86400 # sec
#SESSION_COOKIE_DOMAIN = '.abc.com'
#SESSION_COOKIE_NAME = 'DSESSIONID'
#SESSION_COOKIE_SECURE = False
我注意到的事情:
1:在 INSTALLED_APPS 中,'apps.communication 后面缺少撇号
INSTALLED_APPS = (
'django.contrib.auth',
# -- snip --
'apps.communication,
)
2:您定义了两次 AUTHENTIOCATION_BACKENDS。在这种情况下,您的第二个元组只是踩在第一个元组上。
3:身份验证后端的顺序很重要。
4:您不需要列出“django.contrib.auth.backends.ModelBackend”,因为如果“django.contrib.auth”在您的 INSTALLED_APPS 中,它将被搜索。 (您已配置)
【讨论】:
以上是关于无法使用有效的用户名和密码登录 django 管理页面的主要内容,如果未能解决你的问题,请参考以下文章
我无法使用有效的用户名和密码登录 Django 管理页面,它返回 % csrf_token % 禁止的 404 错误消息