Opened 19 years ago
Closed 13 years ago
#159 closed Bug (fixed)
Circular logout problem
Reported by: | Manuzhai | Owned by: | Ash Christopher |
---|---|---|---|
Component: | contrib.admin | Version: | |
Severity: | Normal | Keywords: | admin logout |
Cc: | Ash Christopher | Triage Stage: | Ready for checkin |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
When a not-logged-in user goes to /admin/logout/, they get a login form. When they subsequently log in, they're logged out again. This is probably not desirable behavior; it's very confusing when it happens.
I'm not sure what the correct behavior would be: probably say that the user is already logged out instead of showing a login form, though (with a link to the login form, which could just be /admin/).
Attachments (2)
Change History (16)
comment:1 by , 17 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:2 by , 13 years ago
Easy pickings: | unset |
---|---|
Resolution: | fixed |
Status: | closed → reopened |
UI/UX: | unset |
comment:3 by , 13 years ago
Cc: | added |
---|---|
Keywords: | admin logout added |
Severity: | normal → Normal |
Triage Stage: | Accepted → Unreviewed |
Type: | defect → Bug |
Don't know when it was re-introduced, but tested using r16730 and this problem exists.
To recreate:
1. Log into the admin.
2. Log out of the admin.
You should see a special logout screen that says "Thanks for spending some quality time with the Web site today." Notice that the URL is still set to /admin/logout/.
3. Refresh browser.
You will now get the normal admin login screen. Notice that the url is still set to /admin/logout/.
4. Log back into the admin.
Notice that you are sent to the "Thanks for spending some quality time with the Web site today." screen.
follow-up: 6 comment:4 by , 13 years ago
ashchristopher, I can confirm the same behaviour in Django 1.3 . Are you on this bug now? If so, can you claim it?
comment:6 by , 13 years ago
Replying to wim@…:
ashchristopher, I can confirm the same behaviour in Django 1.3 . Are you on this bug now? If so, can you claim it?
Not on it yet. Already working on a different ticket. Will claim in the future if not already claimed.
comment:7 by , 13 years ago
Adrian -- I have some time to take a look at this ticket if you would like.
comment:8 by , 13 years ago
Owner: | changed from | to
---|---|
Status: | reopened → new |
by , 13 years ago
Attachment: | ticket159.diff added |
---|
Needs review, but couldn't think of a nicer way without major changes to the admin views.
comment:9 by , 13 years ago
Has patch: | set |
---|---|
Status: | new → assigned |
follow-up: 11 comment:10 by , 13 years ago
Patch looks okay, but how about just redirecting to admin:index when the user does not have perms and is on admin:logout?
follow-up: 12 comment:11 by , 13 years ago
Replying to ojii:
Patch looks okay, but how about just redirecting to admin:index when the user does not have perms and is on admin:logout?
Sorry - not quite sure I understand what you mean.
comment:12 by , 13 years ago
Replying to ashchristopher:
Replying to ojii:
Patch looks okay, but how about just redirecting to admin:index when the user does not have perms and is on admin:logout?
Sorry - not quite sure I understand what you mean.
In https://code.djangoproject.com/attachment/ticket/159/ticket159.diff in contrib/admin/sites.py:193 you set the REDIRECT_FIELD_NAME in extra_context, I propose return a HttpResponseRedirect to admin:index, which will then handle the login part anyway.
comment:13 by , 13 years ago
Triage Stage: | Accepted → Ready for checkin |
---|
Patch looks good: has working tests and does what it says on the tin.
Problem no longer exists.