Django login form in header

Question

I have a generic login form that works perfectly using the login module from django.contrib.auth.views

What I am trying to do is have a login dropdown that is visible from the website header (which is included on all pages) if the user is not authenticated. I have the dropdown working correctly if the user is not authenticated, but after filling out the username/password, nothing happens.

I think this example is close, but I can't quite get it to work: django - what goes into the form action parameter when view requires a parameter?

Does the approach of sending the formaction property of the submit button to a different URL seem like the right decision? Is there another preferred method to accomplish this?

#relevant form code from the header.html include
<form action="" method="post" class="submission-form">
  {% if form.errors %}
    <p class="error">Sorry, that is not a valid username or password</p>
  {% endif %}
    <label for="username">User name:</label>
    <input type="text" name="username" id="username">
    <label for="password">Password:</label>
    <input type="password" name="password" id="password">

    <input type="submit" value="login" action="http://mysite.com/accounts/login/" />{% csrf_token %}
    <input type="hidden" name="next" value="{{ next|escape }}" />
  </form>

This code was copied directly from my login page which works correctly.

Let me know of any other pieces of code that will help answer the question.

Answer 1

Thanks to some feedback here and on Pythonanywhere, I've been able to solve this issue.

I had narrowed it down to a problem passing the HTML since the login works correctly on the /accounts/login/ page. I found out that the logging in from the header worked only on the /accounts/login/, but the other pages it did not, so that meant there definitely was a problem passing to the page.

The problem ended up being that I had the input property named "action", when it should have been "formaction". I knew it was really close and it would be something dumb like that :-)

Answer 2

There's absolutely nothing wrong with setting your form's action property to a URL that is different than the current view being viewed in order to perform your login.

You can always bring the user directly back to the page they were viewing by setting the next hidden field in your form to the value of the current URL, then passing that to the built-in login view, or redirect them somewhere else...it's entirely up to you.