我试图在ajax帖子上验证用户,但不起作用.这就是我所做的
settings.py
LOGIN_URL = '/accounts/login/' LOGIN_REDIRECT_URL = '/'
模板
urls.py
url(r'^like/$', 'apps.quotation.views.like', name='like'),
views.py - 尝试1
@login_required def like(request): vars = {} if request.method == 'POST': response_dict = {} if not something: response_dict.update({'message': "Requested" }) else: response_dict.update({'message': "You have already requested" }) return HttpResponse(simplejson.dumps(response_dict), mimetype='application/javascript')
views.py - 尝试2
def like(request): if not request.user.is_authenticated(): return HttpResponseRedirect('/accounts/login') else: vars = {} if request.method == 'POST': response_dict = {} if not something: response_dict.update({'message': "Requested" }) else: response_dict.update({'message': "You have already requested" }) return HttpResponse(simplejson.dumps(response_dict), mimetype='application/javascript')
运行服务器日志
[05/Mar/2014 05:19:16] "POST /like/ HTTP/1.1" 302 0 [05/Mar/2014 05:19:16] "GET /accounts/login/?next=/like/ HTTP/1.1" 200 5610
我错过了什么?
当我想检查当用户登录时进行Ajax调用时,我使用的是:
from functools import wraps from django.core.exceptions import PermissionDenied def ajax_login_required(view): @wraps(view) def wrapper(request, *args, **kwargs): if not request.user.is_authenticated(): raise PermissionDenied return view(request, *args, **kwargs) return wrapper
raise PermissionDenied
将导致403状态代码返回给客户端.否则,如果您使用@login_required
装饰器或手动重定向到表单,那么Ajax调用看作响应的内容对于人类是有意义的,但对于Ajax调用没有意义.
代替 :
if not request.user.is_authenticated(): return HttpResponseRedirect('/accounts/login')
返回json响应:
if request.user.is_authenticated(): ## write your code... jsonr = json.dumps({ 'authenticated': True }) return HttpResponse(jsonr, mimetype='application/json') else: jsonr = json.dumps({ 'authenticated': False }) return HttpResponse(jsonr, mimetype='application/json')
在您的ajax成功响应中,如果未经过身份验证,则重定向到使用登录windows.location
.
或者您可以编写装饰器: Django身份验证和Ajax - 需要登录的URL