2016-07-06 157 views
0

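Login and logout cause an infinite loop

I am creating a custom authentication backend for two different types of users. Users can log in and log out with their accounts. However, it sometimes causes an infinite loop. What are the possible causes of this error?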

Part of the error output in the console:

"[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/ HTTP/1.1" 302 0 
[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/%25253Fnext%25253D/dataInfo/login/ HTTP/1.1" 302 0 
[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/%25253Fnext%25253D/dataInfo/login/%2525253Fnext%2525253D/dataInfo/login/ HTTP/1.1" 302 0 
" 

In my views:

from django.contrib import auth
from django.contrib.auth import authenticate, login
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import render_to_response
from django.template import RequestContext

# LoginForm is the project's own form class, imported from wherever it is defined.

@login_required(login_url='/dataInfo/login/')
def login_view(request):
    if request.method == 'POST':
        username = request.POST['username']
        password = request.POST['password']
        user = authenticate(name=username, password=password)
        if user is not None:
            if user.is_active:
                login(request, user)
                # redirect to user profile
                print("suffcessful login!")

                # check the user type
                # if it is Customer, redirect to sale view
                # if it is Staff, redirect to userprofile
                if request.user.get_user_type() == "Customer":
                    return HttpResponseRedirect('/dataInfo/sale_view')
                if request.user.get_user_type() == "Staff":
                    # set permission to user
                    request.user.asgin_perm("add_store")
                    request.user.asgin_perm("add_product")
                    request.user.asgin_perm("add_sale")
                    request.user.asgin_perm("change_store")
                    request.user.asgin_perm("change_product")
                    request.user.asgin_perm("change_sale")
                    request.user.asgin_perm("delete_store")
                    request.user.asgin_perm("delete_product")
                    request.user.asgin_perm("delete_sale")

                    return HttpResponseRedirect('/dataInfo/userprofile')
            else:
                # the account is disabled
                return HttpResponse("User acount or password is incorrect")
        else:
            # log the failed attempt without echoing the submitted password
            print("Invalid login details for: {0}".format(username))
            return HttpResponseRedirect('/dataInfo/login')
    else:
        login_form = LoginForm()
    return render_to_response('dataInfo/login.html', {'form': login_form}, context_instance=RequestContext(request))

@login_required(login_url='/dataInfo/login/')
def logout_view(request):
    auth.logout(request)
    return HttpResponseRedirect('/dataInfo/login')

In my backend:

from .models import Customer, Staff
from django.conf import settings

class CustomerAuthBackend(object):

    def authenticate(self, name=None, password=None):
        try:
            user = Customer.objects.get(name=name)

            # compares the submitted password with the stored field as-is
            if password == getattr(user, 'password'):
                user.is_active = True
                # print "is_active: %s" %user.is_active
                return user
            else:
                # Authentication fails if None is returned
                return None
        except Customer.DoesNotExist:
            return None

    def get_user(self, user_id):
        try:
            return Customer.objects.get(pk=user_id)
        # TODO: may delete
        except Customer.DoesNotExist:
            return None

class StaffAuthBackend(object):

    def authenticate(self, name=None, password=None):
        try:
            # TODO : check User is None
            user = Staff.objects.get(name=name)

            # compares the submitted password with the stored field as-is
            if password == getattr(user, 'password'):
                # mark this instance active (not the Staff class)
                user.is_active = True
                return user
            else:
                return None
        except Staff.DoesNotExist:
            return None

    def get_user(self, user_id):
        try:
            return Staff.objects.get(pk=user_id)
        # TODO: may delete
        except Staff.DoesNotExist:
            return None

Answers

1

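Your login view requires you to be logged in first (@login_required)

Therefore you can never log in, because you need to be logged in to log in, but you aren't logged in yet, so you can't log in, because you can't reach the page in order to log in.

So if you want to be able to log in, you need to remove the decorator, so your login view doesn't require you to be logged in in order to log in, because after all, if you were already logged in, you wouldn't be trying to log in.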

+0

You mean I should remove the login_required decorator from my login view. – pipi

+0

@pipi - Y .... – Sayse

+1

It works, thank you! – pipi
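
Added example (not part of the original thread or the asker's project): a standard-library model of how a login_required redirect percent-encodes the requested URL into ?next=, plus a check that flags the self-referencing chain in dev-server log lines like the ones quoted in the question. The function names and the min_depth threshold are assumptions made for this illustration.

```python
import re
from urllib.parse import parse_qs, urlencode, urlsplit

LOGIN_URL = "/dataInfo/login/"  # login_url passed to @login_required in the question
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')

def redirect_to_login(requested_url, login_url=LOGIN_URL):
    """Model of the redirect an unauthenticated request gets: the full
    requested URL is percent-encoded into ?next= ('/' is left as is)."""
    return login_url + "?" + urlencode({"next": requested_url}, safe="/")

def simulate(hops, start=LOGIN_URL):
    """URL reached after `hops` redirects when the login page itself is protected."""
    url = start
    for _ in range(hops):
        url = redirect_to_login(url)
    return url

def self_redirect_depth(url, login_url=LOGIN_URL):
    """Count how many nested next= values point back at the login page."""
    depth = 0
    while True:
        nxt = parse_qs(urlsplit(url).query).get("next")
        if not nxt or urlsplit(nxt[0]).path != login_url:
            return depth
        depth, url = depth + 1, nxt[0]

def find_login_loops(log_lines, min_depth=2, login_url=LOGIN_URL):
    """Return (depth, url) for 302 responses whose next= chain loops on the login page."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if m and m.group(2) == "302":
            depth = self_redirect_depth(m.group(1), login_url)
            if depth >= min_depth:
                hits.append((depth, m.group(1)))
    return hits

# Sample input: the three console lines quoted in the question.
SAMPLE_LOG = [
    '[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/ HTTP/1.1" 302 0',
    '[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/%25253Fnext%25253D/dataInfo/login/ HTTP/1.1" 302 0',
    '[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/%25253Fnext%25253D/dataInfo/login/%2525253Fnext%2525253D/dataInfo/login/ HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for depth, url in find_login_loops(SAMPLE_LOG):
        print("login page redirects to itself, depth", depth, "url length", len(url))
```

Each extra level of %25 in the logged URL is one more pass through the decorator, so a depth of 2 or more on the login path is a reliable sign that the login view itself is protected.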