date:20160521

Re: Displaying a document

2016-05-21 Thread Luis Zárate

2016-05-21 13:21 GMT-06:00 Wilfredo Rivera :

> {{candidate.resumeFile}}"



{{candidate.resumeFile.name}}
"

Looking in your code probably you could be interested in
https://docs.djangoproject.com/ja/1.9/ref/class-based-views/generic-editing/



-- 
"La utopía sirve para caminar" Fernando Birri

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAG%2B5VyP8_aZQ9FyL-q0ezyxuK8C1h3f6_ZjT_1zrxve0hVRX3A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Is it possible to output a graph from Matplotlib into Django like this?

2016-05-21 Thread Yunpeng Pan

This solution makes a lot of sense!

On Tuesday, April 12, 2011 at 1:06:55 AM UTC-5, Sam Walters wrote:
>
> I mis-read this... basically you have one view and in the template you
> are rendering you put HTML:
>
>
> 
> 
>
> so that path will call your other views which return content as
> content_type='image/png' or whatever specific format you're using.
>
> what i was suggesting is you could have:
>
> 
> 
> 
>
> So in your urls.py file it would parameratize 'foo' and in your view
> method you could produce different responses based on the parameter.
> Eg: in an other view i have i can pass lat and long coords as params
> and it would put a dot on the map based on where that lat/long points
> to.
>
> On Tue, Apr 12, 2011 at 2:19 PM, nai  
> wrote:
> > Actually, could you illustrate how you would go about using 2 views as
> > well? Thanks!
> >
> > On Apr 11, 6:39 pm, Xavier Ordoquy  wrote:
> >> Le 11 avr. 2011 à 12:21, nai a écrit :
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> > This is the give example from Matplotlib for Django:
> >>
> >> > def simple(request):
> >> >import random
> >>
> >> >from matplotlib.backends.backend_agg import FigureCanvasAgg as
> >> > FigureCanvas
> >> >from matplotlib.figure import Figure
> >> >from matplotlib.dates import DateFormatter
> >>
> >> >fig=Figure()
> >> >ax=fig.add_subplot(111)
> >> >x=[]
> >> >y=[]
> >> >now=datetime.datetime.now()
> >> >delta=datetime.timedelta(days=1)
> >> >for i in range(10):
> >> >x.append(now)
> >> >now+=delta
> >> >y.append(random.randint(0, 1000))
> >> >ax.plot_date(x, y, '-')
> >> >ax.xaxis.set_major_formatter(DateFormatter('%Y-%m-%d'))
> >> >fig.autofmt_xdate()
> >> >canvas=FigureCanvas(fig)
> >> >response=django.http.HttpResponse(content_type='image/png')
> >> >canvas.print_png(response)
> >> >return response
> >>
> >> > Is there anyway I can return the image like this `return
> >> > render_to_response('template.html', {'graph':  >> > matplotlib or some other graphing package>}`
> >>
> >> Hi,
> >>
> >> Is there any reasons why you couldn't have a view that would just 
> render the image and the other one that would have a img tag pointing to 
> the first view ?
> >> It is possible to embed an image in the web page, but I'm sure it goes 
> against the best practices.
> >>
> >> Regards,
> >> Xavier.
> >
> > --
> > You received this message because you are subscribed to the Google 
> Groups "Django users" group.
> > To post to this group, send email to django...@googlegroups.com 
> .
> > To unsubscribe from this group, send email to 
> django-users...@googlegroups.com .
> > For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.
> >
> >
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/db70b267-0c16-4fe9-9359-5862086d8315%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Displaying a document

2016-05-21 Thread Wilfredo Rivera

I think my code is more or less what you said, i made the change in the 
template to include a link to the uploaded file using the Media_URL 
variable, but it didn't work. It gave me a page not found error. I don't 
know if i have to include a URL, the documentation doesn't mention 
anything. Below is my code if you can please check it out and tell me what 
i am missing.

This is my URL Conf:

 url(r'^candidatelist/'
r'(?P\d{4})/'
r'(?P\d{1,2})/'
r'(?P\d{1,2})/'
r'(?P[-\w]*)/'
r'update/'
r'resume/'
r'(?P)/$',
Candidate_Update.as_view(),
name = 'resume_view')



This is my model:

class Candidate(models.Model):

resumeFile = models.FileField(upload_to="resume/")




This is my template:


{% for candidate in candidatelist %}

{{candidate.lastname
}}

{{candidate.firstname}}
{{candidate.career}}
{{candidate.email}}
{{candidate.resumeFile}}"

{% endfor %}






{% endblock %}



and this is my view:
def CandidateList(request):
candidatelist = Candidate.objects.all()
return render(request, 'recruitment/candidatelist.html', {
'candidatelist': candidatelist})


class Candidate_Detail(ObjectUpdateMixin, View):
form_class = CandidateForm
model = Candidate
template_name = 'recruitment/candidate_detail.html'


class Candidate_Update(ObjectUpdateMixin, View):
form_class = CandidateForm
model = Candidate
template_name = 'recruitment/candidate_update.html'



with the mixin:

class ObjectCreateMixin:
form_class = None
template_name = ' '

def get(self, request):
return render(
  request,
  self.template_name,
  {'form': self.form_class()}
  )

def post(self, request):
bound_form = self.form_class(request.POST, request.FILES)
if bound_form.is_valid():
new_object = bound_form.save()
return redirect(new_object)
else:
return render(
  request,
  self.template_name,
  {'form' : bound_form})


class ObjectUpdateMixin:
form_class = None
model = None
template_name = ' '

def get(self, request, slug, **kwargs):
obj = get_object_or_404(self.model, 
 slug__iexact=slug
  )

context = {'form' : self.form_class(instance=obj),
   self.model.__name__.lower() : obj,}
return render(
  request,
  self.template_name,
  context
  )

def post(self, request, slug, **kwargs):
obj = get_object_or_404(self.model, slug=slug)
bound_form = self.form_class(request.POST, request.FILES, instance=
obj)
if bound_form.is_valid():
new_object = bound_form.save()
return redirect(new_object)
else:
context = {
   'form' : bound_form,
   self.model.__name__.lower() : obj,
   }

return render(
  request,
  self.template_name,
  context)



On Saturday, May 21, 2016 at 11:07:11 AM UTC-7, luisza14 wrote:
>
> Do you have a model  with a fileField?
>
>
> I think you are wrong passing file to template, if  you have a model with 
> filefield you can use media url something like
>
> class Mymodel(Model):
>   myfile = models.FileField(upload_to="my_file_path_in_media")
>
>
> so you can use a form
>
> class Myform(forms.ModelForm):
>
>  class Meta:
>  model=Mymodel
>  fields = '__all__'
>
> so in the view you have
>
> if request.method=='POST':
>form = MyForm(request.POST, request.FILE)
>if form.is_valid():
> instance=form.save()
>
>
> so you can pass instance in template context
>
>render(request, 'mytemplate.html', {'instance': instance}
>
> in your template you can put a link or whatever you want.
>
>  download
>
>
> take a look 
> https://docs.djangoproject.com/en/1.9/topics/http/file-uploads/ form more 
> info
>
>
>
>
> 2016-05-21 10:43 GMT-06:00 Wilfredo Rivera  >:
>
>> Hello:
>>
>> I want to display an uploaded file in the browser. My website save the 
>> file in the database, but i don't have idea of how can the website display 
>> it once the user click on the link. I am new to django and programming in 
>> general so i am learning on a trial and error basis. 
>>
>> The view that handles this is the following:
>>
>> def File_Open(request):
>> if (request == request.FILES):
>>file = request.FILES.open()
>>return

Re: Displaying a document

2016-05-21 Thread Luis Zárate

Do you have a model  with a fileField?


I think you are wrong passing file to template, if  you have a model with
filefield you can use media url something like

class Mymodel(Model):
  myfile = models.FileField(upload_to="my_file_path_in_media")


so you can use a form

class Myform(forms.ModelForm):

 class Meta:
 model=Mymodel
 fields = '__all__'

so in the view you have

if request.method=='POST':
   form = MyForm(request.POST, request.FILE)
   if form.is_valid():
instance=form.save()


so you can pass instance in template context

   render(request, 'mytemplate.html', {'instance': instance}

in your template you can put a link or whatever you want.

 download


take a look https://docs.djangoproject.com/en/1.9/topics/http/file-uploads/
form more info




2016-05-21 10:43 GMT-06:00 Wilfredo Rivera :

> Hello:
>
> I want to display an uploaded file in the browser. My website save the
> file in the database, but i don't have idea of how can the website display
> it once the user click on the link. I am new to django and programming in
> general so i am learning on a trial and error basis.
>
> The view that handles this is the following:
>
> def File_Open(request):
> if (request == request.FILES):
>file = request.FILES.open()
>return render(request, 'recruitment/open_file.html', {file : 'file'
> })
>
> and the url is this:
>
> url(r'^candidatelist/'
> r'resume-view/'
> r'(?P/$',
> views.File_Open,
> name = 'resume_view'
>
> I have search for how can i do this, but haven't found a satisfying
> answer. Please i will appreciate the help.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/b2cf38b0-6a6a-45c1-84b9-c4cf678b6c9d%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
"La utopía sirve para caminar" Fernando Birri

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAG%2B5VyNDNt-9U3wCuqKzhuu6f61LmRFDt5DzyHvDFYyZUFoCGQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Displaying a document

2016-05-21 Thread Wilfredo Rivera

Hello:

I want to display an uploaded file in the browser. My website save the file 
in the database, but i don't have idea of how can the website display it 
once the user click on the link. I am new to django and programming in 
general so i am learning on a trial and error basis. 

The view that handles this is the following:

def File_Open(request):
if (request == request.FILES):
   file = request.FILES.open()
   return render(request, 'recruitment/open_file.html', {file : 'file'})

and the url is this:

url(r'^candidatelist/'
r'resume-view/'
r'(?P/$',
views.File_Open,
name = 'resume_view'

I have search for how can i do this, but haven't found a satisfying answer. 
Please i will appreciate the help.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/b2cf38b0-6a6a-45c1-84b9-c4cf678b6c9d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread Chris Troutner

That's really interesting. Hmm...

Thanks for the feedback.

On Sat, May 21, 2016 at 9:03 AM, Michal Petrucha <
michal.petru...@konk.org> wrote:

> On Sat, May 21, 2016 at 08:55:04AM -0700, Chris Troutner wrote:
> > Yep, no luck. I got the cookie plugin integrated, but it didn't make any
> > difference. The problem isn't with the *retrieval* of the CSRF token,
> it's
> > with the *submission*.
> >
> > If you bring up this code:
> >
> https://github.com/christroutner/rpiovn/blob/unstable/public/js/app/views/NRPUsersView.js
> >
> > And scroll down to the approveUser function, you can see a section marked
> > in comments labeled VIRTUAL FORM. I'm doing to same
> > xhr.setRequestHeader('X-CSRFToken',
> > csrftoken); instruction in Francois' example. The POST submission still
> > results in a 403 Forbidden error.
>
> Hi Chris,
>
> Could you perhaps post the full error message you receive with the 403
> error? The one you posted in the initial post seems to indicate it's
> not a CSRF error at all...
>
> On Fri, May 20, 2016 at 06:34:42PM -0700, Chris Troutner wrote:
> > I've tweaked the code every which way and I always get
> > a "403 FORBIDDEN Authentication credentials were not provided" message.
>
> This message would mean that you haven't provided any authentication
> token, session cookie, or whatever other method your API uses for user
> authentication. In case of a CSRF error, you'd get something like one
> of the following:
>
> REASON_NO_CSRF_COOKIE = "CSRF cookie not set."
> REASON_BAD_TOKEN = "CSRF token missing or incorrect."
>
> Good luck,
>
> Michal
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Django users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/django-users/7FkB_HE446I/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/20160521160339.GM24966%40konk.org
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAB4b19x4%3D0W_NVM4jYrSVsVOoLCrBbe5Lvt1f6J%2BbT067PP0kw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Django Test Errors

2016-05-21 Thread Yoseph Radding

I apologize as I inadvertently submitted my last post and cant delete it. 

Any way: I am in the midst of writing unit tests for an application I am 
working on. My tests work fine on my 2012 Macbook pro but not my 2015 iMac. 
Both are running the latest OSX and the django version is version 1.9.1 
with custom modifications that can be seen 
here: https://github.com/shuttl-io/django. The modifications where to the 
template loading mechanisms. 

Before I move on, my tests are organized thusly:
>app/
>tests/
>test_models/
>__init__.py
>test_*.py
>test_views/
>   __init__.py
>   test_*.py
>test_forms/
>test_*.py
>__init__.py
And in those init files I include all of the test_*.py files.


Anyway, In my tests, I have a few mock classes inside of a test file of 
test_models. It appears that my 2012 MbP  will makemigrations and migrate 
the test database with the mock classes into the test db. My test file 
looks like this: http://pastebin.com/m9VKDLhE. How ever on my iMac, the 
mock classes at the top of my file isn't migrated. So I read up on that 
issue and decided to add a testing app that was written somewhere. The 
tests have the same organization and the mock classes moved to models.py. 
Then in my settings.py file I have this snippet: 

if "test" in sys.argv:
INSTALLED_APPS.append("testing")
if "makemigrations" in sys.argv:
ndx = sys.argv.index("test")
sys.argv.pop(ndx)
pass
pass
Based around the snippet posted in here: 
https://code.djangoproject.com/ticket/7835#trac-change-3-122683730500
Now this works and puts the mock files into the DB and gets rid of the 
OperationalError. However this adds more complex errors that I don't know 
about. Before I talk about the errors, Here is the class that is causing the 
errors:http://pastebin.com/n3906RC8. The publishable class it inherits from is 
not a model and is only a Abstract Base Class with a few methods that need to 
be implemented. 

Now the errors I got initially was this error: 
==
ERROR: test_renderSite 
(testing.tests.test_webpage.test_models.test_webpage.WebsiteTestCase)
--
Traceback (most recent call last):
  File 
"/Users/Yoseph/shuttl/testing/tests/test_webpage/test_models/test_webpage.py", 
line 80, in test_renderSite
siteMap = self.website.getSiteMap()
  File "/Users/Yoseph/shuttl/Webpage/models.py", line 155, in getSiteMap
return self.root.render()
  File "/Users/Yoseph/shuttl/Webpage/models.py", line 252, in render
for i in self.children:
  File "/Users/Yoseph/shuttl/Webpage/models.py", line 240, in children
for i in Class.objects.filter(parent=self):
  File "/Users/Yoseph/.venv/shuttl/src/django/django/db/models/manager.py", 
line 122, in manager_method
return getattr(self.get_queryset(), name)(*args, **kwargs)
  File "/Users/Yoseph/.venv/shuttl/src/django/django/db/models/query.py", line 
790, in filter
return self._filter_or_exclude(False, *args, **kwargs)
  File "/Users/Yoseph/.venv/shuttl/src/django/django/db/models/query.py", line 
808, in _filter_or_exclude
clone.query.add_q(Q(*args, **kwargs))
  File "/Users/Yoseph/.venv/shuttl/src/django/django/db/models/sql/query.py", 
line 1243, in add_q
clause, _ = self._add_q(q_object, self.used_aliases)
  File "/Users/Yoseph/.venv/shuttl/src/django/django/db/models/sql/query.py", 
line 1269, in _add_q
allow_joins=allow_joins, split_subq=split_subq,
  File "/Users/Yoseph/.venv/shuttl/src/django/django/db/models/sql/query.py", 
line 1174, in build_filter
self.check_related_objects(field, value, opts)
  File "/Users/Yoseph/.venv/shuttl/src/django/django/db/models/sql/query.py", 
line 1071, in check_related_objects
self.check_query_object_type(value, opts, field)
  File "/Users/Yoseph/.venv/shuttl/src/django/django/db/models/sql/query.py", 
line 1055, in check_query_object_type
(value, opts.object_name))
ValueError: Cannot query "root": Must be "Directory" instance.

 
I printed out the type and it is a Directory instance. I solved this issue 
by changing for i in Class.objects.filter(parent=self): to for i in 
Class.objects.filter(parent_id=self.id): This fixed that error but caused a 
different error that made even less sense:
==
ERROR: test_renderSite 
(testing.tests.test_webpage.test_models.test_webpage.WebsiteTestCase)
--
Traceback (most recent call last):
  File 
"/Users/Yoseph/shuttl/testing/tests/test_webpage/test_models/test_webpage.py", 
line 90, in test_renderSite
self.assertEqual(self.website.getSiteMap(), testMap)
  File "/Users/Yoseph/shuttl/Webpage/models.py", line 155, in getSiteMap
return self.root.render()
  File

about django framework execution sequence

2016-05-21 Thread zeeshan malik

anybody plz  tel me the exzact sequence of Djngo framework execution 
like: first of all
url call to view functions and
then views render  the templates and data will show on page

 then in case of inserting data in form how djngo execute in sequence 
how model and form work and how ORM role in mapping form data to database

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/64d8751b-0679-43bb-9b81-6443f5630b59%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread Michal Petrucha

On Sat, May 21, 2016 at 08:55:04AM -0700, Chris Troutner wrote:
> Yep, no luck. I got the cookie plugin integrated, but it didn't make any
> difference. The problem isn't with the *retrieval* of the CSRF token, it's
> with the *submission*.
> 
> If you bring up this code:
> https://github.com/christroutner/rpiovn/blob/unstable/public/js/app/views/NRPUsersView.js
> 
> And scroll down to the approveUser function, you can see a section marked
> in comments labeled VIRTUAL FORM. I'm doing to same
> xhr.setRequestHeader('X-CSRFToken',
> csrftoken); instruction in Francois' example. The POST submission still
> results in a 403 Forbidden error.

Hi Chris,

Could you perhaps post the full error message you receive with the 403
error? The one you posted in the initial post seems to indicate it's
not a CSRF error at all...

On Fri, May 20, 2016 at 06:34:42PM -0700, Chris Troutner wrote:
> I've tweaked the code every which way and I always get 
> a "403 FORBIDDEN Authentication credentials were not provided" message.

This message would mean that you haven't provided any authentication
token, session cookie, or whatever other method your API uses for user
authentication. In case of a CSRF error, you'd get something like one
of the following:

REASON_NO_CSRF_COOKIE = "CSRF cookie not set."
REASON_BAD_TOKEN = "CSRF token missing or incorrect."

Good luck,

Michal

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/20160521160339.GM24966%40konk.org.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: Digital signature

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread Chris Troutner

Yep, no luck. I got the cookie plugin integrated, but it didn't make any
difference. The problem isn't with the *retrieval* of the CSRF token, it's
with the *submission*.

If you bring up this code:
https://github.com/christroutner/rpiovn/blob/unstable/public/js/app/views/NRPUsersView.js

And scroll down to the approveUser function, you can see a section marked
in comments labeled VIRTUAL FORM. I'm doing to same
xhr.setRequestHeader('X-CSRFToken',
csrftoken); instruction in Francois' example. The POST submission still
results in a 403 Forbidden error.

On Sat, May 21, 2016 at 8:31 AM, Chris Troutner 
wrote:

> I was logged in yes, but I also noticed that when I tried to get the
> cookie from the CMS side, it would retrieve a different CSRF token, as
> though I wasn't logged in. Hence the copy and paste I showed in the video.
>
> I'm trying to get this cookie plugin integrated into my code. Maybe it
> will have better luck at retrieving the CSRF token for my logged in user.
>
> On Sat, May 21, 2016 at 8:25 AM, bobhaugen  wrote:
>
>> Chris, I understood you were logged into the django system when you tried
>> these posts. Correct? I thought that would cover authentication thru DRF.
>> But I am also a noob to Javascript client post -> DRF server.
>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Django users" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/django-users/7FkB_HE446I/unsubscribe.
>> To unsubscribe from this group and all its topics, send an email to
>> django-users+unsubscr...@googlegroups.com.
>> To post to this group, send email to django-users@googlegroups.com.
>> Visit this group at https://groups.google.com/group/django-users.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/django-users/aba6b122-5eff-4e67-8237-37ab5df90f69%40googlegroups.com
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAB4b19yYZmJSus6r3u%2Bg120UMAV2fT50pnPUS%2Bi57mqDL-8O_Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread Chris Troutner

I was logged in yes, but I also noticed that when I tried to get the cookie
from the CMS side, it would retrieve a different CSRF token, as though I
wasn't logged in. Hence the copy and paste I showed in the video.

I'm trying to get this cookie plugin integrated into my code. Maybe it will
have better luck at retrieving the CSRF token for my logged in user.

On Sat, May 21, 2016 at 8:25 AM, bobhaugen  wrote:

> Chris, I understood you were logged into the django system when you tried
> these posts. Correct? I thought that would cover authentication thru DRF.
> But I am also a noob to Javascript client post -> DRF server.
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Django users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/django-users/7FkB_HE446I/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/aba6b122-5eff-4e67-8237-37ab5df90f69%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAB4b19ybN01qNq9C%2BHazF3XF_tr0ZS33HwNvU-bExN3xUqajbQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread bobhaugen

Chris, I understood you were logged into the django system when you tried 
these posts. Correct? I thought that would cover authentication thru DRF. 
But I am also a noob to Javascript client post -> DRF server.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/aba6b122-5eff-4e67-8237-37ab5df90f69%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread Chris Troutner

I linked to that page in the original posting. That page describes what 
we're trying to do, but there seems to be a disconnect between what is 
specified and what is actually happening. As near as I can tell, I have 
satisfied the CSRF requirements documented on that page, but I still can't 
seem to get anything other than a 403 error.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/bc80674a-4116-4821-9881-b3ccc4811a6c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread François Schiettecatte

Is this what you are looking for:

https://docs.djangoproject.com/en/1.9/ref/csrf/

François


> On May 21, 2016, at 10:09 AM, Chris Troutner  wrote:
> 
> Yes, you're right that there is something confusing going on. I confess I 
> don't know much about CSRF or authentication or Django. Because of that, I'm 
> sure I presented it in a confusing way. That's all Bob's side of the stuff. 
> 
> I'm just trying to get my front end JavaScript to interact with the Django 
> server side API and the key to doing that is to pass in the CSRF token in a 
> way that makes Django happy. So far, I haven't figured out how to do that.
> 
> -Chris
> 
> 
> On Saturday, May 21, 2016 at 2:16:17 AM UTC-7, Daniel Roseman wrote:
> On Saturday, 21 May 2016 02:36:15 UTC+1, Chris Troutner wrote:
> Hey all,
> 
> This is my first time posting to the group. I'm working with Bob Hagan on the 
> Network Resource Planning (NRP) project. The platform runs on Django and he's 
> been using the REST API app to open up ports to some of the pieces of the 
> software. Right now we're working on an interface for creating new users, 
> which requires the passing of a CSRF token for authentication. I'm having a 
> heck of a time and we can't figure out if the issue is something set up on 
> the server or on my front end code. I'm hoping that the issue might be 
> obvious to someone here. 
> 
> First of all, you can access the Django API code in the repository code here:
> https://github.com/valnet/valuenetwork/tree/master/valuenetwork/api
> 
> My front end code is written in JavaScript can be viewed in it's own 
> repository here:
> https://github.com/christroutner/rpiovn/blob/unstable/public/js/app/views/NRPUsersView.js
> 
> This video gives a visual overview of the user interface and the general 
> issues I'm experiencing:
> https://youtu.be/vaYCLmsi_hM
> 
> 
> NRPUsersView.js is a Backbone.js View file. If that doesn't mean anything to 
> you, that's OK. The important thing to notice is the three different ways I 
> tried to access the API.
>   • I use JavaScript to fill out an HTML form. This is currently the only 
> way that works at the moment.
> 
>   • A typical AJAX POST submission
> 
>   • A JavaScript Virtual Form using the FormData object.
> Method 3 should be identical to method 1 as far as the server is concerned, 
> but the HTTP headers are slightly different. Like I said, methods 2 and 3 are 
> not working out. I've tweaked the code every which way and I always get a 
> "403 FORBIDDEN Authentication credentials were not provided" message.
> 
> According to this Django documentation, there are three possible locations to 
> put the CSRF token:
>   • In the document.cookie
> 
>   • In the HTTP header preceded by "X-CSRFToken"
> 
>   • And a hidden input field in the form
> 
> I've tried every combination of the three options for passing the CSRF token 
> and haven't had any luck.
> 
> 
> Has anyone had experience implementing this type of API authentication with 
> Django before? Any help you can provide would be appreciated.
> 
> 
> There's something a bit confused here. CSRF is not for authentication, and 
> has nothing to do with it at all; it's a method of preventing a certain class 
> of hack that would permit an attacker to hijack a user's session credentials. 
> It really can't be used to authenticate a user for your API; there are plenty 
> of other token-based ways of doing this.
> -- 
> DR.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/django-users/1c7788e8-1567-4dcd-9cac-24a518ab7efa%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/3ED7FCFD-3B79-4576-B85F-9788E41D3781%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread Chris Troutner

Yes, you're right that there is something confusing going on. I confess I 
don't know much about CSRF or authentication or Django. Because of that, 
I'm sure I presented it in a confusing way. That's all Bob's side of the 
stuff. 

I'm just trying to get my front end JavaScript to interact with the Django 
server side API and the key to doing that is to pass in the CSRF token in a 
way that makes Django happy. So far, I haven't figured out how to do that.

-Chris


On Saturday, May 21, 2016 at 2:16:17 AM UTC-7, Daniel Roseman wrote:
>
> On Saturday, 21 May 2016 02:36:15 UTC+1, Chris Troutner wrote:
>>
>> Hey all,
>>
>> This is my first time posting to the group. I'm working with Bob Hagan 
>>  on the Network Resource Planning (NRP) 
>> project . The platform runs on 
>> Django and he's been using the REST API app to open up ports to some of the 
>> pieces of the software. Right now we're working on an interface for 
>> creating new users, which requires the passing of a CSRF token for 
>> authentication. I'm having a heck of a time and we can't figure out if the 
>> issue is something set up on the server or on my front end code. I'm hoping 
>> that the issue might be obvious to someone here. 
>>
>> First of all, you can access the Django API code in the repository code 
>> here:
>> https://github.com/valnet/valuenetwork/tree/master/valuenetwork/api
>>
>> My front end code is written in JavaScript can be viewed in it's own 
>> repository here:
>>
>> https://github.com/christroutner/rpiovn/blob/unstable/public/js/app/views/NRPUsersView.js
>>
>> This video gives a visual overview of the user interface and the general 
>> issues I'm experiencing:
>> https://youtu.be/vaYCLmsi_hM
>>
>>
>> NRPUsersView.js is a Backbone.js View file. If that doesn't mean anything 
>> to you, that's OK. The important thing to notice is the three different 
>> ways I tried to access the API.
>>
>>1. I use JavaScript to fill out an HTML form. This is currently the 
>>only way that works at the moment.
>>
>>2. A typical AJAX POST submission
>>
>>3. A JavaScript Virtual Form using the FormData object.
>>
>> Method 3 should be identical to method 1 as far as the server is 
>> concerned, but the HTTP headers are slightly different. Like I said, 
>> methods 2 and 3 are not working out. I've tweaked the code every which way 
>> and I always get a "403 FORBIDDEN Authentication credentials were not 
>> provided" message.
>>
>> According to this Django documentation 
>> , there are three 
>> possible locations to put the CSRF token:
>>
>>1. In the document.cookie
>>
>>2. In the HTTP header preceded by "X-CSRFToken"
>>
>>3. And a hidden input field in the form
>>
>>
>> I've tried every combination of the three options for passing the CSRF 
>> token and haven't had any luck.
>>
>>
>> Has anyone had experience implementing this type of API authentication 
>> with Django before? Any help you can provide would be appreciated.
>>
>
>
> There's something a bit confused here. CSRF is not for authentication, and 
> has nothing to do with it at all; it's a method of preventing a certain 
> class of hack that would permit an attacker to hijack a user's session 
> credentials. It really can't be used to authenticate a user for your API; 
> there are plenty of other token-based ways of doing this.
> -- 
> DR.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/1c7788e8-1567-4dcd-9cac-24a518ab7efa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django API CSRF Issues - Need Help

2016-05-21 Thread Daniel Roseman

On Saturday, 21 May 2016 02:36:15 UTC+1, Chris Troutner wrote:
>
> Hey all,
>
> This is my first time posting to the group. I'm working with Bob Hagan 
>  on the Network Resource Planning (NRP) 
> project . The platform runs on 
> Django and he's been using the REST API app to open up ports to some of the 
> pieces of the software. Right now we're working on an interface for 
> creating new users, which requires the passing of a CSRF token for 
> authentication. I'm having a heck of a time and we can't figure out if the 
> issue is something set up on the server or on my front end code. I'm hoping 
> that the issue might be obvious to someone here. 
>
> First of all, you can access the Django API code in the repository code 
> here:
> https://github.com/valnet/valuenetwork/tree/master/valuenetwork/api
>
> My front end code is written in JavaScript can be viewed in it's own 
> repository here:
>
> https://github.com/christroutner/rpiovn/blob/unstable/public/js/app/views/NRPUsersView.js
>
> This video gives a visual overview of the user interface and the general 
> issues I'm experiencing:
> https://youtu.be/vaYCLmsi_hM
>
>
> NRPUsersView.js is a Backbone.js View file. If that doesn't mean anything 
> to you, that's OK. The important thing to notice is the three different 
> ways I tried to access the API.
>
>1. I use JavaScript to fill out an HTML form. This is currently the 
>only way that works at the moment.
>
>2. A typical AJAX POST submission
>
>3. A JavaScript Virtual Form using the FormData object.
>
> Method 3 should be identical to method 1 as far as the server is 
> concerned, but the HTTP headers are slightly different. Like I said, 
> methods 2 and 3 are not working out. I've tweaked the code every which way 
> and I always get a "403 FORBIDDEN Authentication credentials were not 
> provided" message.
>
> According to this Django documentation 
> , there are three 
> possible locations to put the CSRF token:
>
>1. In the document.cookie
>
>2. In the HTTP header preceded by "X-CSRFToken"
>
>3. And a hidden input field in the form
>
>
> I've tried every combination of the three options for passing the CSRF 
> token and haven't had any luck.
>
>
> Has anyone had experience implementing this type of API authentication 
> with Django before? Any help you can provide would be appreciated.
>


There's something a bit confused here. CSRF is not for authentication, and 
has nothing to do with it at all; it's a method of preventing a certain 
class of hack that would permit an attacker to hijack a user's session 
credentials. It really can't be used to authenticate a user for your API; 
there are plenty of other token-based ways of doing this.
-- 
DR.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/64a5a9e4-09d5-4cc1-b7d6-962bc8417411%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Displaying a document

Re: Is it possible to output a graph from Matplotlib into Django like this?

Re: Displaying a document

Re: Displaying a document

Displaying a document

Re: Django API CSRF Issues - Need Help

Django Test Errors

about django framework execution sequence

Re: Django API CSRF Issues - Need Help

Re: Django API CSRF Issues - Need Help

Re: Django API CSRF Issues - Need Help

Re: Django API CSRF Issues - Need Help

Re: Django API CSRF Issues - Need Help

Re: Django API CSRF Issues - Need Help

Re: Django API CSRF Issues - Need Help

Re: Django API CSRF Issues - Need Help

16 matches

Site Navigation

Mail list logo

Footer information