Trying to login many times in a row produced this Exception,
Exception Type: SuspiciousOperation at /admin/
Exception Value: User may have tampered with session cookie.
Full traceback,
Traceback:
File "/home/shabda/lib/python2.5/django/core/handlers/base.py" in
get_response
82. response = callback(request, *callback_args,
**callback_kwargs)
File "/home/shabda/lib/python2.5/django/contrib/admin/views/
decorators.py" in _checklogin
95. post_data =
_decode_post_data(request.POST['post_data'])
File "/home/shabda/lib/python2.5/django/contrib/admin/views/
decorators.py" in _decode_post_data
41. raise SuspiciousOperation, "User may have tampered with
session cookie."
On Jan 14, 7:32 am, shabda <[EMAIL PROTECTED]> wrote:
> The following line raises validation error,
> self.request.session.test_cookie_worked():
> raise ValidationError(_("Your Web browser doesn't appear
> to have cookies enabled. Cookies are required for logging in."))
> And so the string within validation error is in forms.error, and
> forms.is_valid fails.
>
> On Jan 13, 11:31 pm, Alex Koshelev <[EMAIL PROTECTED]> wrote:
>
> > What daes it mean "I am unable to login". Error aqcures, exception
> > raises or something else?
>
> > On 13 янв, 18:33, shabda <[EMAIL PROTECTED]> wrote:
>
> > > I have a view function I am using for logging in people. When I am
> > > deploying it to Apache/Mod_python, I am unable to login, but If I am
> > > running it on the development server, I am able to login. Any
> > > pointers?
>
> > > (I am not using the builtin login, as I want to use newforms.)
> > > The view function is,
> > > def login(request, template_name='registration/login.html',
> > > redirect_field_name=REDIRECT_FIELD_NAME):
> > > """Displays the login form and handles the login action."""
> > > redirect_to = request.REQUEST.get(redirect_field_name, '')
> > > if Site._meta.installed:
> > > current_site = Site.objects.get_current()
> > > else:
> > > current_site = RequestSite(request)
> > > if request.method == 'POST':
> > > login_form = forms.AuthenticationForm(request.POST)
> > > login_form.set_request(request)
> > > if login_form.is_valid():
> > > # Light security check -- make sure redirect_to isn't
> > > garbage.
> > > if not redirect_to or '//' in redirect_to or ' ' in
> > > redirect_to:
> > > from django.conf import settings
> > > redirect_to = settings.LOGIN_REDIRECT_URL
> > > from django.contrib.auth import login
> > > user = login_form.user
> > > login(request, user)
> > > request.session.delete_test_cookie()
> > > return HttpResponseRedirect(redirect_to)
> > > elif request.method == 'GET':
> > > login_form = forms.AuthenticationForm()
> > > request.session.set_test_cookie()
> > > return render_to_response(template_name, {
> > > 'form': login_form,
> > > redirect_field_name: redirect_to,
> > > 'site_name': current_site.name,
> > > }, context_instance=RequestContext(request))
>
> > > The AuthenticationForm is,
> > > class AuthenticationForm(forms.Form):
> > > """
> > > Base class for authenticating users. Extend this to get a form
> > > that accepts
> > > username/password logins.
> > > """
> > > username = forms.CharField(required = True, max_length = 30)
> > > password = forms.CharField(required = True, max_length = 30,
> > > widget = forms.PasswordInput)
> > > def set_request (self, request):
> > > self.request = request
>
> > > def clean (self):
> > > user = authenticate(username=self.cleaned_data['username'],
> > > password=self.cleaned_data['password'])
> > > if self.request and not
> > > self.request.session.test_cookie_worked():
> > > raise ValidationError(_("Your Web browser doesn't appear
> > > to have cookies enabled. Cookies are required for logging in."))
> > > if user is None:
> > > raise ValidationError(_("Please enter a correct username
> > > and password. Note that both fields are case-sensitive."))
> > > elif not user.is_active:
> > > raise ValidationError(_("This account is inactive."))
> > > else:
> > > self.user = user
> > > return super(forms.Form, self).clean()
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
