Not able to log in to the django admin page with a valid username and password

Question

EDITED :

I have hosted a website on amazon AWS with domain say ( www.abc.com ) .

First : I tried to login to the django admin site , but its redirecting again to same page without showing any error (Note : username and password are correct)

Second : After successful signup, try to login to django internal page with a username and password: Its redirecting to same login page by adding next keyword between url.

http://www.abc.com/login/?next=/employee/jcbdfvdhdfhvhdfsvsdhfhb-super-admin/home/dashboard/

Found one thing after investigating servers:

I have stoped all application like wsgi , suprervisorctl , ngnix etc. and then run following command on ec2 aws console(Terminal)

 python manage.py   xxx.xx.xx.xx:8000 

NOTE : xxx.xx.xx.xx is my domain(www.abc.com) IP

It successfully able to login at django-admin-site as well as project internal page.

Is there anything , I am missing in djano-settings? I am stuck with this problem for long time . Any answer will be appreciable.

Please ask me if you need code from my project.

Checked all options from here : Unable log in to the django admin page with a valid username and password

EDITED settings.py file :

import sys, os
from os.path import abspath, basename, dirname, join, normpath

### from 2 scoops of django
# Normally you should not import
# ANYTHING from Django directly into
# your abc_settings, but
# ImproperlyConfigured is an
# exception.
from django.core.exceptions \
    import ImproperlyConfigured

msg_get ="Set the %s environment variable"
msg_unset ="The %s environment variable not defined"

def get_env_variable(var_name):
    try:
        return os.environ[var_name]
    except KeyError:
        error_msg = msg_get % var_name
        raise ImproperlyConfigured(error_msg)

def set_env_variable(var_name, value_str):
    os.environ[var_name] = value_str

def unset_env_variable(var_name):
    try:
        del os.environ[var_name]
    except KeyError:
        error_msg = msg_unset % var_name
        raise ImproperlyConfigured(error_msg)
### end snippet

ATOMIC_REQUESTS = True

########## PATH CONFIGURATION

# Absolute filesystem path to this Django project directory.
DJANGO_ROOT = dirname(dirname(dirname(abspath(__file__))))
CONFIG_ROOT = dirname(dirname(abspath(__file__)))

import sys


sys.path.append(normpath(join(DJANGO_ROOT, 'apps')))

# Site name.
SITE_NAME = basename(DJANGO_ROOT)
SITE_ID = 1
# Absolute filesystem path to the top-level project folder.
SITE_ROOT = dirname(DJANGO_ROOT)

# Add all necessary filesystem paths to our system path so that we can use
# python import statements.
sys.path.append(SITE_ROOT)
#sys.path.append(normpath(join(DJANGO_ROOT, 'apps')))
#sys.path.append(normpath(join(DJANGO_ROOT, 'libs')))
#########/# END PATH CONFIGURATION

########## SECURITY CONFIGS
def set_secret_key_env():
    # Generating a SECRET_KEY. Will be auto-generated the first time this file is interpreted.
    try:
        os.environ['SECRET_KEY']
    except KeyError:
        import random
        os.environ['SECRET_KEY'] = \
            ''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)])

#tocheck - is it ok to uncomment this or should we use this to generate a secret key and set it normally,
#tocheck - in production on heroku for ex?
set_secret_key_env()
SECRET_KEY = get_env_variable('SECRET_KEY')

BROKER_URL = 'redis://localhost:6379/0'
CELERY_RESULT_BACKEND = "redis://"
CELERY_TRACK_STARTED = True
########## END CELERY CONFIGURATION
########## DJANGO-TEMPLATED-EMAIL CONFIGURATION
TEMPLATED_EMAIL_BACKEND = 'templated_email.backends.vanilla_django.TemplateBackend'
TEMPLATED_EMAIL_TEMPLATE_DIR = 'communication/email/' #use '' for top level template dir, ensure there is a trailing slash
TEMPLATED_EMAIL_FILE_EXTENSION = 'email'
########## END DJANGO-TEMPLATED-EMAIL CONFIGURATION
########## MANAGER CONFIGURATION
# Admin and managers for this project. These people receive private site
# alerts.
#tothink - should this be different for different environments
ADMINS = (
    ('Nirmal', 'nighggngh@abc.com'),
    ('Harsha', 'jjjjjjjgarkkwal@abc.com'),
)
########## URL CONFIGURATION
ROOT_URLCONF = '%s.urls' %SITE_NAME
########## END URL CONFIGURATION

MANAGERS = ADMINS
########## END MANAGER CONFIGURATION

########## GENERAL CONFIGURATION
# Hosts/domain names that are valid for this site; required if DEBUG is False
# See https://docs.djangoproject.com/en/1.5/ref/abc_settings/#allowed-hosts
ALLOWED_HOSTS = ['www.abc.com']

TIME_ZONE = 'Asia/Kolkata'

WSGI_APPLICATION = 'abc.wsgi.application'

# If you set this to False, Django will not use timezone-aware datetimes.
USE_TZ = False

# Language code for this installation. All choices can be found here:
# http://www.i18nguy.com/unicode/language-identifiers.html.
LANGUAGE_CODE = 'en-us'


USE_I18N = False

# If you set this to False, Django will not format dates, numbers and
# calendars according to the current locale.
USE_L10N = True
########## END GENERAL CONFIGURATION
########## EMAIL CONFIGURATION
#todo - should probably go into environment variables
#todo - get actual domain email etc
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.abc.com'
EMAIL_PORT = 587
#change this to proper email with hems domain
EMAIL_HOST_USER = 'abc@abc.com'
EMAIL_HOST_PASSWORD ='websupport2307'
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL  = 'abc@abc.com'
#EMAIL_USE_TLS = True
# ########## END EMAIL CONFIGURATION

########## MEDIA CONFIGURATION
# Absolute filesystem path to the directory that will hold user-uploaded files.
MEDIA_ROOT = normpath(join(DJANGO_ROOT, 'media')).replace('\\','/')

# URL that handles the media served from MEDIA_ROOT.
MEDIA_URL = '/media/'
########## END MEDIA CONFIGURATION
AUTHENTICATION_BACKENDS = ('custom.backends.EmailOrUsernameModelBackend','django.contrib.auth.backends.ModelBackend')

STATIC_ROOT = normpath(join(DJANGO_ROOT, 'final_static'))

# URL prefix for assets files.
STATIC_URL = '/static/'

# URL prefix for admin assets files -- CSS, JavaScript and images.
ADMIN_MEDIA_PREFIX = '/assets/admin/'

# Additional locations of assets files.
STATICFILES_DIRS = (
    normpath(join(DJANGO_ROOT, 'static')),
    )

# List of finder classes that know how to find assets files in various
# locations.
STATICFILES_FINDERS = (
    'django.contrib.staticfiles.finders.FileSystemFinder',
    'django.contrib.staticfiles.finders.AppDirectoriesFinder',
    #'django.contrib.staticfiles.finders.DefaultStorageFinder',
    )

TEMPLATE_CONTEXT_PROCESSORS =('django.contrib.messages.context_processors.messages',
                              'django.contrib.auth.context_processors.auth',
                              "django.core.context_processors.request"
                                )

TEMPLATE_LOADERS = (
    'django.template.loaders.filesystem.Loader',
    'django.template.loaders.app_directories.Loader',
    #'django.template.loaders.eggs.Loader',
    )

# Directories to search when loading templates.
TEMPLATE_DIRS = (
    normpath(join(DJANGO_ROOT, 'templates')),
    normpath(join(DJANGO_ROOT, 'templates/Home_Page')),
    normpath(join(DJANGO_ROOT, 'templates/Marketplace')),
    normpath(join(DJANGO_ROOT, 'templates/Organisation')),
    normpath(join(DJANGO_ROOT, 'templates/Organisation_Role')),
    normpath(join(DJANGO_ROOT, 'templates/base')),
    normpath(join(DJANGO_ROOT, 'templates/external')),
    normpath(join(DJANGO_ROOT, 'templates/certificates')),
    normpath(join(DJANGO_ROOT, 'templates/password_reset')),
    normpath(join(DJANGO_ROOT, 'templates/support_dashboard')),
    )

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
  #  'django.contrib.sessions.backends.signed_cookies',
    'custom.subdomain.SubdomainMiddleware', #middleware for subdomain
    )


INSTALLED_APPS = (
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.sites',
    'django.contrib.messages',
    'django.contrib.staticfiles',

    #    # Admin panel and documentation.

    'django.contrib.admin',
    #   'django.contrib.admindocs',

    # South migration tool.
    'south',
    # Celery task queue.
    'djcelery',
    'apps.certificates',
    'apps.account_subscription',
    'apps.common_ds',
    'apps.location',
    'apps.communication,
    'apps.transanction_history',
    'rest_framework',
    'apps.external_user',
    'gunicorn',
    #'notification'
    #django extensions (recommended by 2 scoops of django)
 )

 import djcelery
djcelery.setup_loader()

CELERY_IMPORTS = (
    'apps.communication.functionality.email',
    'apps.organisation_roles.functionality.parse_employees_from_file',
)


LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'handlers': {
        'file': {
            'level': 'INFO',
            'class': 'logging.FileHandler',
            'filename': '/home/ubuntu/logs/abc/logger.log',
        },
    },
    'loggers': {
        'django.request': {
            'handlers': ['file'],
            'level': 'INFO',
            'propagate': True,
        },
    },
}


AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
SESSION_SAVE_EVERY_REQUEST = True
SESSION_COOKIE_AGE = 86400 # sec
SESSION_COOKIE_DOMAIN = '.abc.com'
SESSION_COOKIE_NAME = 'DSESSIONID'
SESSION_COOKIE_SECURE = False



DEBUG = True
TEMPLATE_DEBUG = DEBUG
LOGIN_URL = '/login/'
########## END DEBUG CONFIGURATION



########## DATABASE CONFIGURATION
#todo should go into environment variables
import dj_database_url
import os
if not os.environ.has_key('DATABASE_URL'):
    os.environ['DATABASE_URL'] = 'postgres://abc:abc@abc-db.us-east-1.rds.amazonaws.com/dev_abc_db'

DATABASES = {
    'default': dj_database_url.config(default=os.environ['DATABASE_URL'])

Answer 1

Your settings file seems fine. Are you using Gunicorn with multiple workers, If yes than try with single worker only. Actually sessions won't transfer between multiple workers unless you bring some middle layer storage component to it like memcached or redis. Faced same issue some time back. Hope it solves your problem :)

Answer 2

First try comment out all of the following lines, and restart your server...

#AUTHENTICATION_BACKENDS = ('custom.backends.EmailOrUsernameModelBackend','django.contrib.auth.backends.ModelBackend')

#   'apps.communication,

#AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
#SESSION_EXPIRE_AT_BROWSER_CLOSE = True
#SESSION_SAVE_EVERY_REQUEST = True
#SESSION_COOKIE_AGE = 86400 # sec
#SESSION_COOKIE_DOMAIN = '.abc.com'
#SESSION_COOKIE_NAME = 'DSESSIONID'
#SESSION_COOKIE_SECURE = False

Things I noticed:

1: in INSTALLED_APPS you have a missing apostrophe after 'apps.communication

INSTALLED_APPS = (
   'django.contrib.auth',
   # -- snip --
   'apps.communication,
)

2: you have AUTHENTIOCATION_BACKENDS defined twice. In this case your 2nd tuple is simply stepping on the first.

3: the order of authentication backends is important.

4: you do not need to list the 'django.contrib.auth.backends.ModelBackend' as it will be searched if 'django.contrib.auth' is in your INSTALLED_APPS. ( which you have configured )

Answer 3

This may seem like "low-hanging fruit", but I've experienced problems like this from time-to-time (login to Django Admin only to be returned to the login page for no apparent reason) as well. What has proven to be a solution every time is to clear my browser cache and cookies...ALL of them (rather than just the last hour or so).

Hope this helps.