0

This is my URLS.py:

from django.conf.urls import url
from django.conf.urls import include
from CMSApp import views

urlpatterns = [
    url(r'^$', views.HomePageView.as_view()),
    url(r'^users$', views.user_list.as_view()),
    url(r'^users/(?P<pk>[0-9]+)$', views.user_detail.as_view()),
    url(r'^api-auth/', include('rest_framework.urls',
                                   namespace='rest_framework')),
]

So to login, I use the URL /api-auth/login. When I go to /api-auth/login, I see the DRF login screen. If I type in an incorrect username and password, it says:

Please enter a correct username and password. Note that both fields may be case-sensitive.

and if I type in a correct username and password, it redirects the page to LOGIN_REDIRECT_URL in my settings.py, so this part works.

However, I want to be able to log in without accessing the DRF login page. When the user visits

127.0.0.1/

this view gets called:

class HomePageView(TemplateView):
    template_name = "home.html"

    def get_context_data(self, **kwargs):
            context = super(HomePageView, self).get_context_data(**kwargs)
            return context

And this is my home.html:

<h3>Login</h3>
<form ng-submit="ctrl.loginUser()" name="myLoginForm">
    <div class="form-group">
        <label>Username</label>
        <input type="text" name="uname" class="form-control" ng-model="ctrl.user.username" required> 
    </div>

    <div class="form-group">
        <label>Password</label>
        <input type="password" name="pwd" class="form-control" ng-model="ctrl.user.password" required>
    </div>

    <input type="submit" value="Login"> 
</form>

<script>
angular.module("notesApp", [])
    .config(['$httpProvider', function($httpProvider) {
        $httpProvider.defaults.xsrfCookieName = 'csrftoken';
        $httpProvider.defaults.xsrfHeaderName = 'X-CSRFToken';
    }])

    .controller("MainCtrl", ["$http", function($http) {
    var self = this;
    self.users = {};
    var fetchUsers = function() {
        return $http.get("/CMS/users").then(function(response) { // get list of existing users
            self.users = response.data;
        }, function(errResponse) {
        console.error("Error while fetching users.");
        });
    };

    self.loginUser = function() {
        $http.post("/CMS/api-auth/login/", self.user)
        .error(function(data, status, headers, config) {
            console.log(data);
         })
        .then(fetchUsers);

        console.log("Success Login with ", self.user);
    };
    }]);
</script>

The issue is, if the user puts in an incorrect username and password, "Success login with self.user" appears on the console.log and there is no error message. On top of that, if the user logs in with a correct username and password, the user does not get redirected to LOIGN_REDIRECT_URL. Any idea why?

SilentDev
  • 20,997
  • 28
  • 111
  • 214
  • You are writing a server side app , not an angular SPA. Also need to get a better understanding of ajax errors. An ajax error won't get thrown if you return a 200 status and the response parsing is valid. Are you wanting to create a single page app (SPA) or a server side one? – charlietfl Jul 23 '15 at 22:59
  • @charlietfl Basically, I want every part of my backend to be accessible using a RESTful API so that I can eventually talk to it with an iPhone / Android device. I created the home.html template so that users using a browser from their computers can access it as well. Other than the homepage (home.html, which gets called if the app is accessed using a browser on a computer), all the other URL's return JSON objects. So what I want is a SPA. What is it about my code which makes my app a server-side application and not an SPA?. – SilentDev Jul 24 '15 at 01:34
  • The server side redirects are what i'm seeing. You would really want an angular router for path changes in browser only. Server would have no responsibility for redirects to pages other than the index(home). Granted I know nothing about django but the server routes looked to me like they were intended to serve views in the `users` path. Are those REST paths? – charlietfl Jul 24 '15 at 02:01
  • 1
    as for the ajax error handling. If login fails .... using true REST methodology would send back a 401 status which would then fire your ajax error handler. Then use the rejected promise to block internal routing in client – charlietfl Jul 24 '15 at 02:07
  • @charlietfl Okay, I'll try to get a way to make DRF return a 401 status when the uesrname / password is incorrect (currently, it returns a 200 OK). And yes, the server redirects to a different URL after the user logs in (my app is currently a 2-page-application because there is a redirect after log-in). Basically, what happens is, the user requests a URL from the frontend, and then in the backend, the server checks the URL and calls the appropriate controller (MVC Controller - in Django the "controller" is referred to as the "view"). The controller / Django "view" then returns a JSON object. – SilentDev Jul 24 '15 at 05:30
  • @charlietfl By the way, any idea why Django is returning a 200 OK rather than a 404 or a 204 No Content when I try to login using an incorrect username / password? I'd actually expect a 404, not a 200 OK, but even a 204 No Content seems more appropriate because Django does not seem to be sending any information / result to client-side either (otherwise AngularJS should log it - .error(function(data, status, headers, config) { console.log(data);). – SilentDev Sep 24 '15 at 02:23

0 Answers0