Django - 自定义仪表板视图身份验证问题
Django 版本 1.1.1 我设置了一个自定义仪表板视图来覆盖 django 管理 默认情况如下:
(r'^admin/$', 'dashboard.views.dashboard'),
(r'^admin/', include(admin.site.urls)),
仪表板视图使用 @staff_member_required 装饰器进行身份验证
这对于具有超级用户权限的所有用户都运行良好 但是当尝试登录仅具有工作人员身份的用户时(有 尝试了不同的权限设置)我抛出了 500 服务器错误:
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] mod_wsgi
(pid=13815): Exception occurred processing WSGI script '/home/......../
_site.wsgi'.
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] Traceback (most
recent call last):
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] File "/
home/...../lib/python2.5/django/core/handlers/wsgi.py", line 245, in
__call__
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] response =
middleware_method(request, response)
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] File "/
home/....../lib/python2.5/django/contrib/sessions/middleware.py", line
26, in process_response
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1]
patch_vary_headers(response, ('Cookie',))
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] File "/
home/....../lib/python2.5/django/utils/cache.py", line 130, in
patch_vary_headers
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] if
response.has_header('Vary'):
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] AttributeError:
'QuerySet' object has no attribute 'has_header'
当用户 @login_required 时我也收到相同的错误。任何想法 这?
谢谢
Django version 1.1.1
I have a custom dashboard view set up to override the django admin
default like:
(r'^admin/
dashboard view authenticates with the @staff_member_required decorator
This has been working fine with all users having superuser permissions
but when trying to login a user with just staff member status (have
tried different permission settings) I am throwing a 500 server error:
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] mod_wsgi
(pid=13815): Exception occurred processing WSGI script '/home/......../
_site.wsgi'.
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] Traceback (most
recent call last):
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] File "/
home/...../lib/python2.5/django/core/handlers/wsgi.py", line 245, in
__call__
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] response =
middleware_method(request, response)
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] File "/
home/....../lib/python2.5/django/contrib/sessions/middleware.py", line
26, in process_response
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1]
patch_vary_headers(response, ('Cookie',))
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] File "/
home/....../lib/python2.5/django/utils/cache.py", line 130, in
patch_vary_headers
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] if
response.has_header('Vary'):
[Sun Jul 18 12:36:59 2010] [error] [client 127.0.0.1] AttributeError:
'QuerySet' object has no attribute 'has_header'
I get the same error when user @login_required as well. Any ideas on
this?
Thanks
, 'dashboard.views.dashboard'),
(r'^admin/', include(admin.site.urls)),
dashboard view authenticates with the @staff_member_required decorator
This has been working fine with all users having superuser permissions
but when trying to login a user with just staff member status (have
tried different permission settings) I am throwing a 500 server error:
I get the same error when user @login_required as well. Any ideas on
this?
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
也许您应该在公共注销 url 和管理注销 url 中正确清理浏览器 cookie 并注销。我认为普通用户打开一个会话,工作人员用户打开另一个会话,因此将两者混合在同一个应用程序中并不是一个好主意。
Maybe you should clean your browser cookies and logout properly, both in your public logout url and in the admin logout url. I think normal users opens a session and staff users opens another, so is not a good idea to mix both in the same app.