[Django-users] Admin stuck at login page

[Django-users] Admin stuck at login page

	Keith Edmiston
	Nov 12, 2013 at 2:23 pm

PROBLEM: I am attempting to implement the Django Admin on a new project,
but when I log in the page simply reloads to the login screen as if nothing
was done. It should be noted that if I use incorrect credentials I get the
error message as expected.

URLS.py:
from django.conf.urls import patterns, url, include
from django.conf import settings
from bus.certs.views import index

# Uncomment the next two lines to enable the admin:
from django.contrib import admin
admin.autodiscover()

urlpatterns = patterns('',
                        (r'^apps/bus/certs/$', index),
                        (r'^apps/bus/certs/index$', index),
                        (r'^apps/bus/certs/listing/',
include('bus.certs.listing.urls')),
                        (r'^apps/bus/certs/application/',
include('bus.certs.application.urls')),

                        # Example:
                        # (r'^apps/bus/certs/',
include('bus.certs.foo.urls')),

                        # Uncomment the admin/doc line below and add
'django.contrib.admindocs'
                        # to INSTALLED_APPS to enable admin documentation:
                        # (r'^admin/doc/',
include('django.contrib.admindocs.urls')),

                        # Uncomment the next line to enable the admin:
                        (r'^apps/bus/certs/admin/',
include(admin.site.urls)),
                        )

ADMIN.py:
import django.contrib
import common.models

print 'inside admin.py'

django.contrib.admin.site.register(common.models.Application)

SHELL logs:
** on initial page load:
[12/11/2013 08:16:07] "GET /apps/bus/certs/admin/ HTTP/1.1" 200 48842

** on entry of incorrect credentials:
[12/11/2013 08:17:35] "POST /apps/bus/certs/admin/ HTTP/1.1" 200 49209
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/css/login.css
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/css/base.css
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/img/icon_error.gif
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/img/nav-bg.gif
HTTP/1.1" 304 0

** on entry of correct credentials:
[12/11/2013 08:19:16] "POST /apps/bus/certs/admin/ HTTP/1.1" 302 0
[12/11/2013 08:19:17] "GET /apps/bus/certs/admin/ HTTP/1.1" 200 48682

Things I've done/tried:

    1. reset the password using the "users[0].set_password('whatever')"
    command (found here:
    http://coderseye.com/2007/howto-reset-the-admin-password-in-django.html)
    2. deleted all recs in django_sessions table (MySQL db) and verified
    that session recs are being created on attempts.

Any help would be appreciated. Please let me know if there is other info I
can provide that I didn't think to provide above.

--
Keith Edmiston

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAP_gv7JzbDxrS5bhJjEKcH417o6bfbEh1VEe6%3DxBTRH_8JP-Ug%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Search Discussions

4 responses
Oldest
Nested

Tom Evans

at Nov 12, 2013 at 4:35 pm

⇧

On Tue, Nov 12, 2013 at 2:23 PM, Keith Edmiston wrote:
PROBLEM: I am attempting to implement the Django Admin on a new project, but
when I log in the page simply reloads to the login screen as if nothing was
done. It should be noted that if I use incorrect credentials I get the error
message as expected.

URLS.py:
from django.conf.urls import patterns, url, include
from django.conf import settings
from bus.certs.views import index

# Uncomment the next two lines to enable the admin:
from django.contrib import admin
admin.autodiscover()

urlpatterns = patterns('',
(r'^apps/bus/certs/$', index),
(r'^apps/bus/certs/index$', index),
(r'^apps/bus/certs/listing/',
include('bus.certs.listing.urls')),
(r'^apps/bus/certs/application/',
include('bus.certs.application.urls')),

# Example:
# (r'^apps/bus/certs/',
include('bus.certs.foo.urls')),

# Uncomment the admin/doc line below and add
'django.contrib.admindocs'
# to INSTALLED_APPS to enable admin documentation:
# (r'^admin/doc/',
include('django.contrib.admindocs.urls')),

# Uncomment the next line to enable the admin:
(r'^apps/bus/certs/admin/',
include(admin.site.urls)),
)

ADMIN.py:
import django.contrib
import common.models

print 'inside admin.py'

django.contrib.admin.site.register(common.models.Application)

SHELL logs:
** on initial page load:
[12/11/2013 08:16:07] "GET /apps/bus/certs/admin/ HTTP/1.1" 200 48842

** on entry of incorrect credentials:
[12/11/2013 08:17:35] "POST /apps/bus/certs/admin/ HTTP/1.1" 200 49209
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/css/login.css
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/css/base.css
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/img/icon_error.gif
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/img/nav-bg.gif
HTTP/1.1" 304 0

** on entry of correct credentials:
[12/11/2013 08:19:16] "POST /apps/bus/certs/admin/ HTTP/1.1" 302 0
[12/11/2013 08:19:17] "GET /apps/bus/certs/admin/ HTTP/1.1" 200 48682

Things I've done/tried:

reset the password using the "users[0].set_password('whatever')" command
(found here:
http://coderseye.com/2007/howto-reset-the-admin-password-in-django.html)
deleted all recs in django_sessions table (MySQL db) and verified that
session recs are being created on attempts.

Any help would be appreciated. Please let me know if there is other info I
can provide that I didn't think to provide above.

Have you verified that your session cookies are being accepted by the
browser and sent back on subsequent requests?

Cheers

Tom

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFHbX1Jf_fTXWzSQ8Z-YtwNbnhhvtpX97tZ0-FGDe5e2%2Bzxwzg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

reply | permalink

Keith Edmiston

at Nov 12, 2013 at 4:50 pm

⇧

Hi Tom,

Thanks for responding. I'm not using Session Cookies, but instead am using
Session DB (SESSION_ENGINE = 'django.contrib.sessions.backends.db').

Not sure if that really answers your question though. Can you provide me
with a best way to verify the session process is working correctly via the
browser? I'm not fully certain how to go about doing that.

BTW, I'm using Django 1.4.

Keith

On Tue, Nov 12, 2013 at 10:34 AM, Tom Evans wrote:

On Tue, Nov 12, 2013 at 2:23 PM, Keith Edmiston wrote:
PROBLEM: I am attempting to implement the Django Admin on a new project, but
when I log in the page simply reloads to the login screen as if nothing was
done. It should be noted that if I use incorrect credentials I get the error
message as expected.

URLS.py:
from django.conf.urls import patterns, url, include
from django.conf import settings
from bus.certs.views import index

# Uncomment the next two lines to enable the admin:
from django.contrib import admin
admin.autodiscover()

urlpatterns = patterns('',
(r'^apps/bus/certs/$', index),
(r'^apps/bus/certs/index$', index),
(r'^apps/bus/certs/listing/',
include('bus.certs.listing.urls')),
(r'^apps/bus/certs/application/',
include('bus.certs.application.urls')),

# Example:
# (r'^apps/bus/certs/',
include('bus.certs.foo.urls')),

# Uncomment the admin/doc line below and add
'django.contrib.admindocs'
# to INSTALLED_APPS to enable admin documentation:
# (r'^admin/doc/',
include('django.contrib.admindocs.urls')),

# Uncomment the next line to enable the admin:
(r'^apps/bus/certs/admin/',
include(admin.site.urls)),
)

ADMIN.py:
import django.contrib
import common.models

print 'inside admin.py'

django.contrib.admin.site.register(common.models.Application)

SHELL logs:
** on initial page load:
[12/11/2013 08:16:07] "GET /apps/bus/certs/admin/ HTTP/1.1" 200 48842

** on entry of incorrect credentials:
[12/11/2013 08:17:35] "POST /apps/bus/certs/admin/ HTTP/1.1" 200 49209
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/css/login.css
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/css/base.css
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET
/apps/bus/certs/static/admin/img/icon_error.gif
HTTP/1.1" 304 0
[12/11/2013 08:17:35] "GET /apps/bus/certs/static/admin/img/nav-bg.gif
HTTP/1.1" 304 0

** on entry of correct credentials:
[12/11/2013 08:19:16] "POST /apps/bus/certs/admin/ HTTP/1.1" 302 0
[12/11/2013 08:19:17] "GET /apps/bus/certs/admin/ HTTP/1.1" 200 48682

Things I've done/tried:

reset the password using the "users[0].set_password('whatever')" command
(found here:
http://coderseye.com/2007/howto-reset-the-admin-password-in-django.html)
deleted all recs in django_sessions table (MySQL db) and verified that
session recs are being created on attempts.

Any help would be appreciated. Please let me know if there is other info I
can provide that I didn't think to provide above.

Have you verified that your session cookies are being accepted by the
browser and sent back on subsequent requests?

Cheers

Tom

--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/CAFHbX1Jf_fTXWzSQ8Z-YtwNbnhhvtpX97tZ0-FGDe5e2%2Bzxwzg%40mail.gmail.com
.
For more options, visit https://groups.google.com/groups/opt_out.

--
Keith Edmiston
(512)970-7222

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAP_gv7Jh_kJTckjyeVNEs4T_GJ5WufJ5j0Uj8sn7X6xhWUNeNA%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

reply | permalink

Tom Evans

at Nov 12, 2013 at 5:15 pm

⇧

On Tue, Nov 12, 2013 at 4:50 PM, Keith Edmiston wrote:
Hi Tom,

Thanks for responding. I'm not using Session Cookies, but instead am using
Session DB (SESSION_ENGINE = 'django.contrib.sessions.backends.db').

I'm not talking about where the session data is stored. If you are
using sessions, you are using cookies.

Not sure if that really answers your question though. Can you provide me
with a best way to verify the session process is working correctly via the
browser? I'm not fully certain how to go about doing that.

BTW, I'm using Django 1.4.

Keith

Sessions work by the server assigning the browser a special session id
to persist in a cookie. On subsequent requests, the same session id is
sent back by the browser to the server, and the server can load the
data stored in previous requests from the session backend.

If the browser does not accept the cookie containing the session id
set by the server, then on subsequent requests no session id is sent
to the server and the server cannot load the data stored in previous
requests.

If you were doing this at a login page, the net result would be that
you seem to authenticate correctly, but then are not logged in on
subsequent requests.

An easy way to check this is to use something like Firebug, Chrome
Inspecter etc to load the login page. At this point, django will send
a "Set-Cookie" header, which will have "sessionid" set in it. Note
down what the session id is at this point.
Complete and submit the form, and check in Firebug what "Cookie"
header your browser sent as a request header on that request. If it is
a different value to before, then the session cookies you are setting
are not being respected by the browser.

A typical reason for this happening is if you have configured your
site as being on a particular hostname, but are serving it/accessing
it from a different name. For instance, if your site sends a cookie
for "foo.bloggs.com", but your site is served from "127.0.0.1", then
your browser will not accept the cookie.

Cheers

Tom

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFHbX1KF1Bop9WYDZxFixqo57bxTR3Oi%2B1XzShA8acM%2BjViKjg%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

reply | permalink

Keith Edmiston

at Nov 12, 2013 at 8:01 pm

⇧

Tom,

First let me say "thanks!" for all the good info on session cookies. I must
admit that I've had little reason to-date to learn much about them. This
helped.

It would appear that something is certainly amiss in this area, but I can't
nail down what exactly. If you have additional time to invest in this, I'll
post here the info I was able to glean from it all.

Steps taken:

    1. Purged my database table "django_session" again.
    2. Loaded the login page for the admin (
    https://local.utexas.edu:8000/apps/bus/certs/admin/)
       - Checked that a session rec was created on the table (4bfa24...).
       - Checked the SC cookie on Firebug (4bfa24...). By the way, this also
       shows "local.utexas.edu" in the "Domain" column.
    3. Attempted login
       - Saw two cookies created on the table (e440f0... & 23378a...).
       - Saw a new SC cookie in Firebug (23378a...).

So it seems that there is some weirdness re: the cookie passing, right?
But I'm a bit confused since the Domain column for the cookie seems to
recognized the correct local.utexas.edu domain. Any thoughts?

Keith

On Tue, Nov 12, 2013 at 11:15 AM, Tom Evans wrote:

I'm not talking about where the session data is stored. If you are
using sessions, you are using cookies.

--
Keith Edmiston
(512)970-7222

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAP_gv7%2B9kOs_YQBiaFRV9KavjUP1-hBV4cTCe2TKd_YeLjuz6g%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

reply | permalink

Related Discussions

Discussion Navigation

view	thread \| post

Discussion Overview

group	django-users @
categories	django, python
posted	Nov 12, '13 at 2:23p
active	Nov 12, '13 at 8:01p
posts	5
users	2
website	djangoproject.com

responses	expanded	Hotkey: s
font	variable	Hotkey: f
user style	avatars	Hotkey: a

[Django-users] Admin stuck at login page

Search Discussions

Related Discussions

2 users in discussion