I am new to Python and Django. I am trying to implement secure user authentication using the Django framework. I created a login.html page in [templates/user]. If login succeeds, the user is led to user/ContactSuccess.html.
ContactSuccess.html:
<html>
---------{{request.user.username }}------------
{% if request.user.is_authenticated %}
<p>Welcome, {{ user.username}}. Thanks for logging in.</p>
{% else %}
<p>Welcome, new user. Please log in.</p>
{% endif %}
<body>success</body>
</html>
views.py
............
def testlogsuccess(request):
    if not request.user.is_authenticated():
        return HttpResponseRedirect("/accounts/login/")
    else:
        user = request.user.is_authenticated()
        return render_to_response('user/ContactSuccess.html',locals())
..............
urls.py:
urlpatterns = patterns('',
    (r'^admin/', include(admin.site.urls)),
    (r'^accounts/login/$',login),
    (r'^accounts/logout/$', logout),
    (r'^accounts/profile/$', views.testlogsuccess),
)
Well, it works fine.
The output is:
---------Ji------------
Welcome, . Thanks for logging in.
success .
But my problem is that when I stop my development server, start it again, and then try the URL 'http://127.0.0.1:8000/accounts/profile/' without logging in, it still shows the above output. How can I avoid this?
I am using Django 1.3, Python 2.7.2 and Windows 7.
The problem is that the values which determine whether a user has been authenticated are determined by the browser -- HTTP authentication keeps the username and password stored and then more or less prepends it to every request. In order to stop the login from working, you need to tell the browser to stop.
There is a good deal of pertinent information on that topic here.
Since this is a testing environment, however, and since authentication headers are something which are more or less reset every time you restart the browser, I recommend simply closing the browser and opening it up again... it would be easiest.