I have a pretty strange situation within my django project. I have a LoginForm where a user can log into the website. I am using django 3.2.12
with some other libraries like django-crispy-forms
and so on.
I implemented django-crowd-auth so that users can access the page with crowd. I made the neccessary configurations in settings.py
and the app is running without any issues.
Afterwards I gave my existing user is_staff
and is_superuser
permissions to access the django administration.
I did it like this:
python manage.py shell
>>> from django.contrib.auth.models import User
>>> user = User.objects.get(username="<myuser>")
>>> user.is_staff = True
>>> user.is_superuser = True
>>> print(user.is_staff)
True
>>> print(user.is_superuser)
True
>>> user.save()
After that I restart my django app the following way:
sudo <path_to_conda_env_python>/python manage.py runsslserver --certificate <crt-file> --key <pem-file> 0.0.0.0:88
If I try to log into the django administration panel with the user which I just gave the permissions I get the error
"Please enter the correct username and password for a staff account. Note that both fields may be case-senitive"
Returning to the django shell gives me this output
python manage.py shell
>>> from django.contrib.auth.models import User
>>> user = User.objects.get(username="<myuser>")
>>> print(user.is_staff)
False
>>> print(user.is_superuser)
False
It seems that django resets my permission every time I try to log in. But why?
What I already tried:
- Creating a fresh user and give the user the
is_staff
andis_superuser
permissions - Running
python manage.py shell
with sudo
The documentation for django crowd auth says that the variable CROWD_USERS_ARE_STAFF
is set to false
per default. This is okay because newly created users should not have the permission to access the admin page. But this can´t cause the problem right?
Anybody worked with the crowd authentification and has some ideas?
Edit
typo changed save()
to user.save()
I found a temporary solution for my problem. I changed the logic in the
try
block within theuser.py
script. Changing ressource scripts may not the best way but for testing purpose this is fine.