Hi Angel,
Thanks so much for your prompt reply. Appreciated.
Reading your script, I can see that you use my_id=request.user.id. In
my code I used username = request.user.username. (notice my commented
code? I just tested request.user.id. The problem exists.) So there is
no major difference as it has the same logic. However, the problem
loops back to my original question: why can not request.user give the
correct logined user? Why one session seems to over-write the other?
When I wrote my scripts, I used request.user first. As it could not
give me a correct user's name, I turned to session. However, session
had the same problem.
I read online DjangoBook again and again, trying to find what I missed
or what I did wrong. I spent much time on googling online. However I
can not find what caused this problem.
On Aug 28, 2:57 pm, Angel Cruz <mrangelc...@gmail.com> wrote:
> Your implementation is dependent upon session cookies, and I am sure you
> have a good reason for it. I am as stomped as you are why that is (unless
> you are like me, who confuses 127.0.0.1:8080 w/ localhost as I open multiple
> browsers in testing my site...each will have different session cookies).
>
> My implementation is dependent more on the user id being passed in from the
> login page if a user is not logged in and just passing the User object into
> the template:
>
> my view.py has:
> -----------------------
> @login_required
> def index(request):
> .
> .
> .
> if request.user.is_authenticated():
> my_id=request.user.id
> user = get_object_or_404(User, id=my_id)
>
> context = {'my_auth_user': user, ....blah blah }
> .
> .
> .
> return render_to_response('registration/detail.html',
> context,
> context_instance =
> RequestContext(request))
>
> my template ('registration/detail.html') has:
> -------------------------------------------------------------
> <h4>{{ my_auth_user.username}}</h4>
> <h4>{{ my_auth_user.first_name}}</h4>
> <h4>{{ my_auth_user.last_name}}</h4>
> <h4>{{ my_auth_user.email}}</h4>
>
> This ensures the the User object for that id belongs to is being called to
> get the username and other information.
>
> Of course, you can pass into the template the cookies and session id stuff
> by placing them in the context variable.
>
>
>
> On Fri, Aug 28, 2009 at 1:15 PM, David <ww...@yahoo.com> wrote:
>
> > Hi Angel,
>
> > Thanks for your reply. I just tested with decorator @login_required.
> > The problem still exists.
>
> > Following is script for my homepage.
>
> > # this is the homepage
> > @login_required
> > def my_view(request):
> > if request.session.test_cookie_worked():
> > #username = request.user.username
> > if request.user.is_authenticated():
> > username = request.session['username']
> > #username = request.user.username
> > return render_to_response('my_view.html',
> > {'username':username})
> > else:
> > return HttpResponse("Please enable cookies and try again.")
>
> > Neither request.session nor request.user can give a correct user's
> > name all the time. In my login(request) I have
>
> > if request.method == "POST" :
> > username = request.POST['username']
> > password = request.POST['password']
>
> > user = authenticate(username=username, password=password)
> > if user is not None:
> > if user.is_active:
>
> > request.session['password'] = password
> > request.session['username'] = username
> > request.session.set_expiry(0)
>
> > login(request, user)
> > ----------------------------
>
> > So, why can not session bind username to it? And why can not
> > request.user give the correct logined user? it seems to me that
> > sessions are interweaved when two users login at the same time. Or one
> > session over-writes the other? Checking session keys in session table,
> > I can see that each session key is unique.
>
> > Thanks again for your reply. I appreciate it. Do you have more ideas
> > where I missed?
>
> > On Aug 28, 12:35 pm, Angel Cruz <mrangelc...@gmail.com> wrote:
> > > How does your view.py look like?
>
> > > I use the decorator @login_required right before each def that I want to
> > > ensure is viewable only to the logged-in user.
>
> > > On Fri, Aug 28, 2009 at 12:00 PM, David <ww...@yahoo.com> wrote:
>
> > > > hello Django community,
>
> > > > I met this problem and can not find a solution. I wonder if any people
> > > > has met this problem before? Can anybody give a clue or hint how to
> > > > fix it?
>
> > > > For my project, I have enabled sessions and I use
> > > > contrib.auth.models.User. If one user logins into his/her account, all
> > > > is perfect. However, if another user logins (no matter if it is from
> > > > the same computer or from another computer), then the two users sees
> > > > each other's information in their own account.
>
> > > > I also found that
>
> > > > (1.) request.user.username gives another logined user's name instead
> > > > of this one (the correct one) even though I called
> > > > request.user.is_authenticated().
>
> > > > (2.) request.session['username'] does not give the username that I
> > > > assigned it earlier.
>
> > > > (3.) Old session is still there even though a user log-out correctly,
> > > > closes the browser (IE) and then opens another browser (Firefox).
>
> > > > I have put "SESSION_EXPIRE_AT_BROWSER_CLOSE = True" in settings
> > > > already. In my code I have request.session.set_expiry(0).
>
> > > > Checking my session table, I can see that the "expire date" for
> > > > sessions are in two weeks. Does this mean that
> > > > "SESSION_EXPIRE_AT_BROWSER_CLOSE = True" did not work?
>
> > > > Any suggestions?
>
> > > > Thanks so much.- Hide quoted text -
>
> > > - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
