Some users are still having problems with the pop-up login. I think they are actually getting 403s because of the CSRF protection. So I have modified the base template to always have a javascript variable called csrf_token available when they aren't logged in. The ajax_login.js script was then modified to send this value with the ajax post. Fingers crossed.

"""
This file contains the automatic admin site definitions for the Smiley models.
"""

from django.contrib import admin
from smiley.models import Smiley

class SmileyAdmin(admin.ModelAdmin):
    list_display = ('title', 'code', 'html', 'is_extra')
    list_filter = ('is_extra', )

admin.site.register(Smiley, SmileyAdmin)