Answer the question
In order to leave comments, you need to log in
R
R
rumak2017-07-27 23:20:36
rumak, 2017-07-27 23:20:36
How to allow a visitor to delete their comments without authorization?
Here is views.py :
def comments_list(request):
comment_list = Comment.objects.all().order_by('-create')
pagination = Paginator(comment_list, 3)
page = request.GET.get('page')
try:
comments = pagination.page(page)
except PageNotAnInteger:
comments = pagination.page(1)
except EmptyPage:
comments = pagination.page(pagination.num_pages)
form = CommentForm(request.POST)
if request.method == 'POST':
if form.is_valid():
comment = form.save()
comment.save()
return redirect('comments:comments_list')
request.session['comment'] = True
else:
form = CommentForm()
temp = 'task/comments_list.html'
body = {
'comments': comments,
'comment_list': comment_list,
'form': form,
# 'username': auth.get_user(request).username,
}
return render(request, temp, body)
def comment_delete(request, pk):
comment = get_object_or_404(Comment, pk=pk)
if not request.user.is_staff or not request.user.is_superuser:
raise Http404
comment.delete()
return redirect('comments:comments_list')Now a comment can be deleted either by a superuser or an authorized user.
Question: is it possible to link a comment, for example, to a cookie so that the visitor can delete it without authorization?
1 answer(s)
@rumak
R
Roman Kitaev, 2017-07-27 @rumak
The ID of the comments written can either be written to signed cookies or to the session. Since there can be a lot of users, you can not store session data on the server, but use signed cookies as storage for sessions (but before using this, get acquainted with all the disadvantages of such storage)
Similar questions
O
N
R
P
H
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question