admin django python login mod-wsgi
I can’t log in to the django admin page. When I enter a valid username and password, it just brings up the login page again, with no error messages
This question is in the django FAQ, but I've gone over the answers there and still can't get past the initial login screen.
I'm using django 1.4 on ubuntu 12.04 with apache2 and modwsgi.
I've confirmed that I'm registering the admin in the admin.py file, made sure to syncdb after adding INSTALLED_APPS.
When I enter the wrong password I DO get an error, so my admin user is being authenticated, just not proceeding to the admin page.
I've tried both setting SESSION_COOKIE_DOMAIN to the machine's IP and None. (Confirmed that the cookie domain shows as the machine's IP in chrome)
Also, checked that the user authenticates via the shell:
>>> from django.contrib.auth import authenticate
>>> u = authenticate(username="user", password="pass")
>>> u.is_staff
True
>>> u.is_superuser
True
>>> u.is_active
True
Attempted login using IE8 and chrome canary, both results in the same return to the login screen.
Is there something else I'm missing????
settings.py
...
MIDDLEWARE_CLASSES = (
'django.middleware.gzip.GZipMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.middleware.transaction.TransactionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
INSTALLED_APPS = (
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.admin',
'django.contrib.staticfiles',
'django.contrib.gis',
'myapp.main',
)
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
SESSION_SAVE_EVERY_REQUEST = True
SESSION_COOKIE_AGE = 86400 # sec
SESSION_COOKIE_DOMAIN = None
SESSION_COOKIE_NAME = 'DSESSIONID'
SESSION_COOKIE_SECURE = False
urls.py
from django.conf.urls.defaults import * #@UnusedWildImport
from django.contrib.staticfiles.urls import staticfiles_urlpatterns
from django.contrib import admin
admin.autodiscover()
urlpatterns = patterns('',
(r'^bin/', include('myproject.main.urls')),
(r'^layer/r(?P<layer_id>\d+)/$', "myproject.layer.views.get_result_layer"),
(r'^layer/b(?P<layer_id>\d+)/$', "myproject.layer.views.get_baseline_layer"),
(r'^layer/c(?P<layer_id>\d+)/$', "myproject.layer.views.get_candidate_layer"),
(r'^layers/$', "myproject.layer.views.get_layer_definitions"),
(r'^js/mapui.js$', "myproject.layer.views.view_mapjs"),
(r'^tilestache/config/$', "myproject.layer.views.get_tilestache_cfg"),
(r'^admin/', include(admin.site.urls)),
(r'^sites/', include("myproject.sites.urls")),
(r'^$', "myproject.layer.views.view_map"),
)
urlpatterns += staticfiles_urlpatterns()
Apache Version:
Apache/2.2.22 (Ubuntu) mod_wsgi/3.3 Python/2.7.3 configured
Apache apache2/sites-available/default:
<VirtualHost *:80>
ServerAdmin ironman@localhost
DocumentRoot /var/www/bin
LogLevel warn
WSGIDaemonProcess lbs processes=2 maximum-requests=500 threads=1
WSGIProcessGroup lbs
WSGIScriptAlias / /var/www/bin/apache/django.wsgi
Alias /static /var/www/lbs/static/
</VirtualHost>
<VirtualHost *:8080>
ServerAdmin ironman@localhost
DocumentRoot /var/www/bin
LogLevel warn
WSGIDaemonProcess tilestache processes=2 maximum-requests=500 threads=1
WSGIProcessGroup tilestache
WSGIScriptAlias / /var/www/bin/tileserver/tilestache.wsgi
</VirtualHost>
UPDATE
The admin page does proceed when using the development server via runserver so it seems like a wsgi/apache issue. Still haven't figured it out yet.
SOLUTION
The problem was that I had the settings file SESSION_ENGINE value set to 'django.contrib.sessions.backends.cache' without having the CACHE_BACKEND properly configured.
I've changed the SESSION_ENGINE to 'django.contrib.sessions.backends.db' which resolved the issue.
Thanks, I've checked the session table, and it appears that an entry is not created. I double-checked and my settings are the same as you've posted above, and I'm seeing no entry in the table.
Ok, this pointed me in the right direction. As suspected it was a mis-configuration on my part. the SESSION_ENGINE value was set to 'django.contrib.sessions.backends.cache' without having the CACHE_BACKEND properly configured. I've changed the SESSION_ENGINE to 'django.contrib.sessions.backends.db' which resolved the issue.
Like @daigorocub, I only had to do
SESSION_COOKIE_SECURE = False. Apparently when this is set to True and the connection is not over HTTPS (typical for a dev setup), the login can't be noted since there is no session cookie, so you are directed to log in again. Seems like there should be an error when the setting requires secure cookies and the connection isn't secure - kind of a big red flag that your network security is messed up - but it did solve the immediate problem with logging into admin.In my case, I was using RemoteUserBackend for authentication, but I had forgotten to configure Nginx to set REMOTE_USER on the machine that wasn't working.
Commenting out this
AUTHENTICATION_BACKENDS = ['Authentication.backends.EmailBackend']worked for me. But does that mean i have to always comment it out whenever i have to login to django admin ?