django-open-id:CSRF 验证失败

发布于 2024-10-25 19:52:20 字数 2679 浏览 10 评论 0原文

我在这个问题中提出了建议: What's the best Solution for OpenID with Django ? 并为我的应用程序安装了django-openid-auth

但我就是无法让它工作,我总是得到 CSRF 验证失败。请求中止。 当我尝试登录时。

django csrf

我已检查所有内容:

1.

{% csrf_token %} 存在于模板中:

<form name="fopenid" action="{{ action }}" method="post">
    {% csrf_token %}
    <fieldset>
        <legend>Sign In Using Your OpenID</legend>
        <div class="form-row">
            <label for="id_openid_identifier">OpenID:</label><br />
            {{ form.openid_identifier }}
        </div>
        <div class="submit-row ">
            <input name="bsignin" type="submit" value="Log in">
        </div>
 {% if next %}
        <input type="hidden" name="next" value="{{ next }}" />
 {% endif %}
    </fieldset>
</form>

2.

django_openid_auth 内部的views.py中我发现,他们使用RequestContext

return render_to_response(template_name, {
                    'form': login_form,
                    redirect_field_name: redirect_to
                    }, context_instance=RequestContext(request))

3.

我的MIDDLEWARE_CLASSES确实包含CsrfViewMiddleware

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
)

我只是不明白还有什么可能是错误的?你有什么想法吗?

我正在使用 Django 1.3 beta。

更新

这似乎是我的全球问题。我创建了一个简单的表单并得到了相同的结果:

def index(request):
    return render_to_response('index.html',
                              locals(),
                              context_instance=RequestContext(request))

index.html:

<form action="/" method="post">
    {% csrf_token %}
    <input type="text" name="test">
    <input type="submit">
</form>

渲染的 HTML:

<form action="/" method="post">
    <div style="display:none"><input type="hidden" name="csrfmiddlewaretoken" value="1fbd5345560d325bf05809260f7d43c3"></div>
    <input type="text" name="test">
    <input type="submit">
</form>

出了什么问题!?

I fallowed recommendation in this SO question: What's the best solution for OpenID with Django? and installed django-openid-auth for my application.

But I just can't get it working, I always get CSRF verification failed. Request aborted. when I try to log in.

django csrf

I have checked everything:

1.

{% csrf_token %} is present in the template:

<form name="fopenid" action="{{ action }}" method="post">
    {% csrf_token %}
    <fieldset>
        <legend>Sign In Using Your OpenID</legend>
        <div class="form-row">
            <label for="id_openid_identifier">OpenID:</label><br />
            {{ form.openid_identifier }}
        </div>
        <div class="submit-row ">
            <input name="bsignin" type="submit" value="Log in">
        </div>
 {% if next %}
        <input type="hidden" name="next" value="{{ next }}" />
 {% endif %}
    </fieldset>
</form>

2.

In the views.py inside of django_openid_auth I found, that they use RequestContext:

return render_to_response(template_name, {
                    'form': login_form,
                    redirect_field_name: redirect_to
                    }, context_instance=RequestContext(request))

3.

My MIDDLEWARE_CLASSES does contain CsrfViewMiddleware:

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
)

I just can't understand what else could be wrong? Do you have any ideas?

I am using Django 1.3 beta.

UPDATE

This seem to be my global problem. I've created a simple form and got the same result:

def index(request):
    return render_to_response('index.html',
                              locals(),
                              context_instance=RequestContext(request))

index.html:

<form action="/" method="post">
    {% csrf_token %}
    <input type="text" name="test">
    <input type="submit">
</form>

Rendered HTML:

<form action="/" method="post">
    <div style="display:none"><input type="hidden" name="csrfmiddlewaretoken" value="1fbd5345560d325bf05809260f7d43c3"></div>
    <input type="text" name="test">
    <input type="submit">
</form>

What's wrong!?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

So要识趣 2024-11-01 19:52:20

我尝试了“manage.py runserver localhost:8000”而不是“manage.py runserver”并且它有效
我的猜测是由于主机名中的 ip 导致它存在一些 cookie 问题
顺便提一句。我在 django 1.3 的新副本中遇到此错误

I tried "manage.py runserver localhost:8000" instead of "manage.py runserver" and it worked
my guess is it has some cookie problems because of ip in hostname
btw. i got this error with fresh copy of django 1.3

无敌元气妹 2024-11-01 19:52:20

实际上,我认为这是我在 Django 中遇到的第一个错误。我已将我的副本更新为新版本的 1.3,一切都开始工作。干得好,Django 开发者!

Actually, I think it was the first bug I encountered in Django. I've updated my copy to fresh release of 1.3 and everything started working. Good job, Django developers!

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文