我想创建一个身份验证后端,允许用户只使用他们的电子邮件log_in(没有用户名,没有密码).
这是我试过的.
backends.py:
from django.conf import settings
from django.contrib.auth.models import User
class EmailAuthBackend(object):
def authenticate(self, username=None, password=None):
try:
user = User.objects.get(email=username)
if user:
return user
except User.DoesNotExist:
return None
settings.py:
AUTHENTICATION_BACKENDS = (
'path_to.backends.EmailAuthBackend',
'django.contrib.auth.backends.ModelBackend',
)
HTML:
<form method="post" action="{% url myproject.views.test %}">
{% csrf_token %}
<input type="text" name="email" value=""/>
<button type="submit">Valider</button>
</form>
视图:
def test(request):
email = ''
if 'email' in request.POST:
email = request.POST.get('email')
if not User.objects.filter(email=email):
User.objects.create(email=email)
user = authenticate(username=email)
if user is not None:
if user.is_active:
auth_login(request, user)
return HttpResponseRedirect(reverse('home'))
它不起作用,用户未经过身份验证.当我去/ admin时我也有这个错误:
AttributeError at /admin/logout/
'EmailAuthBackend' object has no attribute 'get_user'
Bar*_*tek 19
对于Django中的每个自定义后端,您需要指定该get_user函数.请参阅文档.该get_user实施可以简单地使用现有的用户表,像你这样的有:
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
这是需要的原因是您需要通过其主键从不同的源获取用户.
虽然Bartek的答案是正确的,但我将提供一个示例,说明通过继承ModelBackend.
from django.contrib.auth.backends import ModelBackend
class EmailAuthBackend(ModelBackend):
def authenticate(self, username=None, password=None, **kwargs):
try:
user = User.objects.get(email=username)
if user.check_password(password):
return user
except ObjectDoesNotExist:
# Run the default password hasher once to reduce the timing
# difference between an existing and a non-existing user (#20760).
User().set_password(password)
在get_user已经被实现的ModelBackend,你会得到许可方式与它一起。
| 归档时间: |
|
| 查看次数: |
8378 次 |
| 最近记录: |