登录和注销导致死循环

Question

我为两种不同类型的用户创建一个自定义身份验证后端。用户可以使用他们的账户登录和注销。但是，有时会造成无限循环。造成这种错误的可能原因是什么？

在控制台中的部分错误的：

"[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/ HTTP/1.1" 302 0 
[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/%25253Fnext%25253D/dataInfo/login/ HTTP/1.1" 302 0 
[06/Jul/2016 07:53:41] "GET /dataInfo/login/?next=/dataInfo/login/%3Fnext%3D/dataInfo/login/%253Fnext%253D/dataInfo/login/%25253Fnext%25253D/dataInfo/login/%2525253Fnext%2525253D/dataInfo/login/ HTTP/1.1" 302 0 
" 

在我的意见

@login_required(login_url='/dataInfo/login/') 
def login_view(request): 
    if request.method == 'POST': 
     username = request.POST['username'] 
     password = request.POST['password'] 
     user = authenticate(name=username,password=password) 
     if user is not None: 
      if user.is_active: 
       login(request,user) 
       #redirect to user profile 
       print "suffcessful login!" 

       # chech the user type 
       # if it is Customer,redirect to sale view 
       # if it is Staff,redirect to userprofile 
       if request.user.get_user_type() == "Customer": 
        return HttpResponseRedirect('/dataInfo/sale_view') 
       if request.user.get_user_type() == "Staff": 
        # set permission to user 
        request.user.asgin_perm("add_store") 
        request.user.asgin_perm("add_product") 
        request.user.asgin_perm("add_sale") 
        request.user.asgin_perm("change_store") 
        request.user.asgin_perm("change_product") 
        request.user.asgin_perm("change_sale") 
        request.user.asgin_perm("delete_store") 
        request.user.asgin_perm("delete_product") 
        request.user.asgin_perm("delete_sale") 

        return HttpResponseRedirect('/dataInfo/userprofile') 
      else: 
       # return a disable account 
       return HttpResponse("User acount or password is incorrect") 
     else: 
      print "Invalid login details: {0}, {1}".format(username, password) 
      return HttpResponseRedirect('/dataInfo/login') 
    else: 

     login_form = LoginForm() 
    return render_to_response('dataInfo/login.html', {'form': login_form}, context_instance=RequestContext(request)) 

@login_required(login_url='/dataInfo/login/') 
def logout_view(request): 
    auth.logout(request) 
    return HttpResponseRedirect('/dataInfo/login') 

在我的后端

from .models import Customer,Staff 
from django.conf import settings 

class CustomerAuthBackend(object): 

    def authenticate(self, name=None, password=None): 
     try: 

      user = Customer.objects.get(name=name) 

      if password == getattr(user,'password'): 

       user.is_active = True 
       # print "is_active: %s" %user.is_active 
       return user 
      else: 
       # Authentication fails if None is returned 
       return None 
     except Customer.DoesNotExist: 
      return None 

    def get_user(self, user_id): 
     try: 
      return Customer.objects.get(pk=user_id) 
     # TODO: may delete 
     except Customer.DoesNotExist: 
      return None 

class StaffAuthBackend(object): 

    def authenticate(self, name=None, password=None): 
     try: 
      # TODO : check User is None 
      user = Staff.objects.get(name=name) 

      if password == getattr(user,'password'): 

       Staff.is_active = True 

       return user 
      else: 
       return None 
     except Staff.DoesNotExist: 
      return None 

    def get_user(self, user_id): 
     try: 
      return Staff.objects.get(pk=user_id) 
     # TODO: may delete 
     except Staff.DoesNotExist: 
      return None 

Answer 1

您的登录视图要求您先登录（@login_required）

因此，您永远无法登录，因为您需要登录才能登录，但您尚未登录，因此您无法登录，因为无法登录该页面以便登录。

所以，如果你想能够登录你需要删除装饰，所以你的登录视图不会要求你登录才能登录，因为毕竟，如果你已经登录，那么你不会尝试登录。