Html - Failure to register comments without login

zahrashokrizadeh
October 29, 2023
107 views
0 votes
2 Answers

Comments are registered on the desired page, and for people who aren’t logged in, if they want to leave a comment, it says to enter the site first, but later the comments are registered under the name AnonymousUser. I don’t want this registration to happen.
Which part and how should be edited?

in views.py:

comments = Comment.objects.filter(product=product)

if request.method == 'POST':

    # comment

    if 'comment' in request.POST:
        author = request.user
        content = request.POST.get('content')
        comment = Comment(product=product, author=author, content=content)
        comment.save()


context = {
        'comments': comments, 
        }



return render(request, 'auctions/product_detail.html', context)

in product_detail.html:

<h3 id="h3">Comments</h3>

    {% if user.is_authenticated %}
        <ul>
            {% for comment in comments %}
                <li><a>{{ comment.author }} : {{comment.content}}</a></li>
            {% endfor %}
       </ul>   
    {% else %}
       Not signed in.
    {% endif %}

Thanks in advance for your help

Answers

- michjnich
- October 29, 2023 at 9:34 am
- 0 votes
0
Your if user.is_authenticated is only in the template, so you’re only deciding whether to show the comments to users based on their authentication status.

In your django views there is always a user associated with the request. If they’re not logged in it’s just an anonymous user.

You have a couple of options:
1. You put authentication checks on the view so that only logged in users can access the view at all.
2. You check the authentication status of the user when the view is POSTed (which you’re not doing at all – this is where you check if it is a POST), and if they are not logged in, the validation fails and no changes (i.e. new comments) are submitted. You also set some kind of failure message so the user knows they have to log in to make a comment.
Login or Signup to reply.

- TemiTopeYankey
- October 29, 2023 at 10:31 am
- 0 votes
0
It seems like you’re allowing comments to be posted by users who are not logged in, but you want to prevent these comments from being attributed to an "AnonymousUser." To achieve this, you should check whether the user is authenticated before attempting to create a comment with their username.

Here’s an updated version of what your views.py should look like:
```
from django.contrib.auth.decorators import login_required

@login_required
def product_detail(request, product_id):
    product = get_object_or_404(Product, pk=product_id)
    comments = Comment.objects.filter(product=product)

    if request.method == 'POST' and 'comment' in request.POST:
        author = request.user
        content = request.POST.get('content')
        comment = Comment(product=product, author=author, content=content)
        comment.save()

    context = {
        'comments': comments,
    }

    return render(request, 'auctions/product_detail.html', context)
```
In this version, the @login_required decorator is used to ensure that only authenticated users can access the product_detail view. If a user is not authenticated, they will be redirected to the login page (The LOGIN_URL in your settings.py).

This way, if a user is not logged in and tries to post a comment, they will be prompted to log in first, and the comment won’t be saved as an "AnonymousUser."
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.

Html – Failure to register comments without login

Answers