Ticket #12871: auth_comments.diff

File auth_comments.diff, 2.0 KB (added by Scot Hacker, 15 years ago)

Docs for authenticated comment form

  • docs/ref/contrib/comments/index.txt

     
    288288
    289289.. _honeypot: http://en.wikipedia.org/wiki/Honeypot_(computing)
    290290
     291
     292Providing a comment form for authenticated users
     293~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     294
     295If a user is already authenticated, it makes little sense to display name, email,
     296and URL fields, since these can already be retrieved from their login data and
     297profile. In addition, some sites will only accept comments from authenticated users.
     298
     299To provide a comment form for authenticated users, build the form manually in your
     300template as above, but manually provide the additional fields expected by the
     301Django comments framework. For example, assuming comments are attached to the model
     302"item"::
     303
     304    {% if user.is_authenticated %}
     305        {% get_comment_form for item as form %}
     306        <form action="{% comment_form_target %}" method="POST">
     307        {% csrf_token %}
     308        {{ form.comment }}
     309        {{ form.honeypot }}
     310        {{ form.content_type }}
     311        {{ form.object_pk }}
     312        {{ form.timestamp }}
     313        {{ form.security_hash }}
     314        <input type="hidden" name="next" value="{% url item_view item.id %}" />
     315        <input type="submit" value="Add comment" id="id_submit" />
     316        </form>
     317    {% else %}
     318        <p>Please <a href="{% url auth_login %}">log in</a> to leave a comment.</p>
     319    {% endif %}
     320
     321In this example, the honeypot field will still be visible to the user; you'll need
     322to hide that field in your CSS::
     323
     324    #id_honeypot {
     325        visibility:hidden;
     326    }
     327
     328If you want to accept either anonymous or authenticated comments, replace the
     329auth_login line above with a standard comment form, and the right thing will happen
     330whether a user is logged in or not.
     331
    291332More information
    292333================
    293334
Back to Top