htmlpython-3.xdjangoformsdjango-forms

HTML form action - Login Page Validation in Django


I've a login page which takes Username, Email ID and Password. I check if these values are matching with database data in views.py file. If those three values are correct, that means, user already exists and user wants to see the homepage. If entered values are not matching, that means, user does not exist, and want to show an error message "User does not exist, please signup", in the same html page.

I've done the verification part in views.py. But when I click on Submit button on Login page, even if the user doesn't exist, it's going to Homepage.

Login.html

<body>
<div class = "tablediv">
    <div><h1>LOGIN FORM</h1></div>
    {% if message != "verification successfull!" %}
        <p class = "error">{{ message }}</p>
        <form action="" method="POST">
    {% else %}
        <form action="{% url 'helloworld' %}" method="POST">
    {% endif %}
        {% csrf_token %}
        <div>
            <label for = "name"><b>Username</b></label><br>
            <input type = "text" id = "name" placeholder = "Enter username here" name = "username" required> 
        </div><br>
        <div>
            <label for = "mail"><b>Email ID</b></label><br>
            <input type = "email" id ="mail" placeholder=" Enter mail id here" name = "email">
        </div>
        <br>
        <div>
            <label for = "pass" maxlength = "10" ><b>Password</b></label><br>
            <input type = "password" id = "pass" name = "password" required>
        </div>
        <br>
        <div>   
            <input type = "checkbox" id = "remember" checked>
            <label for="remember">Remember me</label>
        </div>
        <br>
        <input type = "submit" value = "LOGIN">
    </form>
</div>
<div class="container" >
    <!-- <button type="button" class="cancelbtn">Cancel</button>s -->
    <span class="psw">Forgot <a href="#">password?</a></span>
</div>

Views.py

def Login(request):
username = ''
passwd = ''
email = ''
signupform = SignUPform(request.POST)
print(request.method)
dbprint = list(SignUPdb.objects.all().values())
print(dbprint)
for i in dbprint:
    i.pop('id')
print(dbprint)
message = ""
if request.method == "POST" and signupform.is_valid():
    print("inside POST")
    username = signupform.cleaned_data['username']
    email = signupform.cleaned_data['email']
    passwd = signupform.cleaned_data['password']
    newdict = {
        'username' : username,
        'email' : email,
        'password' : passwd
    }
    print(newdict)
    if newdict in dbprint:
        message = "verification successfull!"
        print(message)
    else:
        message = "user not found. please signup to proceed."
        print(message)
return render(request, "login.html", {'message' : message })

def Home(request):
return HttpResponse("Hello World <3 !!")

Urls.py

urlpatterns = [
path('addtodb/', FormPage, name = 'addtodb'),
path('helloworld/', Home, name = 'helloworld'),]

form.html

<form action = "/form/" method = "POST">
{% csrf_token %}
<label for="your_name">Your name: </label>
<input id="your_name" type="text" name="name" REQUIRED>
<input type="submit" value= ok ><br>

Solution

  • You Should Handled the Naviagtor to the Function not in the html. Here the code for View.py

    def Login(request):
    username = ''
    passwd = ''
    email = ''
    signupform = SignUPform(request.POST)
    print(request.method)
    dbprint = list(SignUPdb.objects.all().values())
    print(dbprint)
    for i in dbprint:
        i.pop('id')
    print(dbprint)
    message = ""
    if request.method == "POST" and signupform.is_valid():
        print("inside POST")
        username = signupform.cleaned_data['username']
        email = signupform.cleaned_data['email']
        passwd = signupform.cleaned_data['password']
        newdict = {
            'username' : username,
            'email' : email,
            'password' : passwd
        }
        print(newdict)
        if newdict in dbprint:
            message = "verification successfull!"
            print(message)
            return redirect('helloworld') // add this logic
        else:
            message = "user not found. please signup to proceed."
            print(message)
        return render(request, "login.html", {'message' : message })
    
    def Home(request):
    return HttpResponse("Hello World <3 !!")
    

    And You should also improve your html code. The html code goes like this:

    <body>
    <div class = "tablediv">
        <div><h1>LOGIN FORM</h1></div>
    {% if message %}
        <p class="error">{{ message }}</p>
    {% endif %} 
        <form action="{% url 'helloworld' %}" method="POST">
            {% csrf_token %}
            <div>
                <label for = "name"><b>Username</b></label><br>
                <input type = "text" id = "name" placeholder = "Enter username here" name = "username" required> 
            </div><br>
            <div>
                <label for = "mail"><b>Email ID</b></label><br>
                <input type = "email" id ="mail" placeholder=" Enter mail id here" name = "email">
            </div>
            <br>
            <div>
                <label for = "pass" maxlength = "10" ><b>Password</b></label><br>
                <input type = "password" id = "pass" name = "password" required>
            </div>
            <br>
            <div>   
                <input type = "checkbox" id = "remember" checked>
                <label for="remember">Remember me</label>
            </div>
            <br>
            <input type = "submit" value = "LOGIN">
        </form>
    </div>
    <div class="container" >
        <!-- <button type="button" class="cancelbtn">Cancel</button>s -->
        <span class="psw">Forgot <a href="#">password?</a></span>
    </div>