Pasquale
unread,Jan 6, 2019, 12:55:56 PM1/6/19Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to django...@googlegroups.com
I have the following files:
#views.py
from django.views.generic.edit import FormView
from django.views.generic.base import TemplateView
from braces.views import AnonymousRequiredMixin, CsrfExemptMixin
#exempting from Csfr as the worst it can do is making lots of new users
class LogonView(CsrfExemptMixin, AnonymousRequiredMixin, FormView):
"the page to create a new user"
from .forms import LogonForm as form_class
template_name = "registration/logon.html"
from django.urls import reverse_lazy
authenticated_redirect_url = reverse_lazy("success")
success_url = authenticated_redirect_url
def form_valid(self, form):
u = form.save(commit=False)
u.set_password(form.cleaned_data["password"])
u.save()
from django.contrib.auth import login
login(self.request, u)
return super().form_valid(form)
class SuccessView(TemplateView):
template_name = "registration/success.html"
#forms.py
from django import forms as f
class LogonForm(f.ModelForm):
"The form to create a new user"
# repeat the password form
password2 = f.CharField(
label="Please repeat your password",
widget=f.PasswordInput,
)
class Meta:
from django.contrib.auth.models import User as model
fields = ("username", "email", "first_name", "last_name",
"password")
widgets = {"password": f.PasswordInput, }
def clean(self):
c = super().clean()
pwd = c.get("password")
if pwd and pwd == c.get("password2"):
return c
raise f.ValidationError(
"You need to repeat the passwords identically")
#urls.py
from django.urls import path, include
from .views import *
urlpatterns = [
path('', include('django.contrib.auth.urls')),
path("logon/", LogonView.as_view(), name="logon"),
path("success/",SuccessView.as_view(),name="success")
]
When I try to access /logon and fill the resulting form,it gives me a
403 CSFR error.
The weird thing is that the user is still created and the login is still
successful,
so if I tried to reload the page of the error it redirects me to the
/success page