python - django user logged out after password change -


i having issue django users changing passwords - have built few production sites in django, none in year (or in 1.8), don't recall having issue before.

summary

when user changes password, user logged out, password changed.

details

i have view allows user change password, using standard django forms , auth framework, , to stress: changing password works, logs user out have login again.

i don't mind terribly, prefer user redirected dashboard message update, if need reauth user in code, will, seems kind of clunky.

here view function:

@login_required def user_change_password(request):     """allows user change password"""      if request.method == "post":         form = subscriberpasswordform(request.post)         if form.is_valid():             try:                 request.user.set_password(form.cleaned_data['password'])                 request.user.save()             except exception, err:                 print "error changing password: {}".format(err)                 messages.add_message(request, messages.error, 'the password not changed, please try again '                                                               'later. admins have been notified of error.')             else:                 #this outputs true                 print request.user.is_authenticated()                  messages.add_message(request, messages.info, 'your password has been changed successfully')                 return httpresponseredirect("/accounts/dashboard/")     else:         form = subscriberpasswordform()      return render(request, "accounts/change-password.html", {"form": form})

so password changed, user gets redirected dashboard page, @login_required decorator redirects them login screen.

the password form here, though pretty straightforward.

class subscriberpasswordform(forms.form):     password = forms.charfield(widget=forms.passwordinput)     cpassword = forms.charfield(widget=forms.passwordinput)      def clean_cpassword(self):         password1 = self.cleaned_data.get("password")         password2 = self.cleaned_data.get("cpassword")         if password1 , password2 , password1 != password2:             raise forms.validationerror(                 self.error_messages['password_mismatch'],                 code='password_mismatch',             )

my understanding being logged out after password change new in django 1.7. need re-auth user in code said.

see release notes: https://docs.djangoproject.com/en/1.8/releases/1.7/#django-contrib-auth

here specific note: "the abstractbaseuser.get_session_auth_hash() method added , if auth_user_model inherits abstractbaseuser, changing user’s password invalidates old sessions if sessionauthenticationmiddleware enabled. see session invalidation on password change more details including upgrade considerations when enabling new middleware."

see documentation: https://docs.djangoproject.com/en/1.7/topics/auth/default/#session-invalidation-on-password-change


-

Comments

Post a Comment

Popular posts from this blog

facebook - android ACTION_SEND to share with specific application only -

in android application have 4 buttons facebook , viber , telegram , whatsapp , want share different content based on each button. for example if user clicks on viber button want user action_send share content viber only. i found this explains how facebook , twitter seems it's calling specific class name of application don't know applications wanna use except facebook. all android apps have unique id, first have check if these apps installed in user's device , can pass unique id via intent sharing. according below: unique ids different apps : viber : com.viber.voip telegram : org.telegram.messenger whatsapp : com.whatsapp check if these apps installed , if installed send messages through intent. private void sendmessage(context context,string message, string appids) { final boolean isappinstalled =isappavailable(context, appids); if (isappinstalled) { intent myintent = new intent(intent.action_send); myintent.settype("text/p...
Read more

python - Creating a new virtualenv gives a permissions error -

i'm getting following output when running virtualenv newvenv . traceback (most recent call last): file "/usr/local/bin/virtualenv", line 5, in <module> pkg_resources import load_entry_point file "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2727, in <module> add_activation_listener(lambda dist: dist.activate()) file "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 700, in subscribe callback(dist) file "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2727, in <lambda> add_activation_listener(lambda dist: dist.activate()) file "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2227, in activate self.insert_on(path) file "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2334, in insert_on self.check_version_conflict() file "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2373, in check_version_conflict...
Read more

javascript - cocos2d-js draw circle not instantly -

i wondering how draw circles (or other shapes also) not instantly. so far tried drawcircle(args...) in ccdrawnode.js , drawcircle(args...) in cc.drawingprimitivecanvas class, , draw circles popping out instantly on screen. what if want achieve effect circular progressive bar, completes circle based on percentage of initialization? or more generally, if want draw circle respect prolonged period? thinking there drawcircle function elapsed time argument fail find any. or have implement own? thanks suggestions, far out of ideas. i think have implement own. think can achieve update circle drawing on each time update() function called.
Read more