1. 首页
  2. 问答
  3. django授权

django授权

2012-08-31 44 views
0

需要授权。阅读了几篇文章,阅读所有inbuild机制,接受并执行它。他开始这样做。django授权

注册模块django-registration,写自己登录,使用lib django.contrib.auth。如下所示:我在登录页面登录,似乎一切都很好,但当我去另一页面授权时,奇迹般地消失了。据我了解,授权没有写入会话,我只在登录页面获得授权。

我做了以下内容:

  1. 授权的登录页面上。
  2. 记录整个User对象为session
  3. 在每个页面上,我在页面加载时检查的第一件事是会话数据中是否存在User,如果是,请从此处读取它。

来源是这样的:

def login_user(request): 
state = "Please log in below..." 
username = password = '' 
if request.POST: 
    username = request.POST.get('username') 
    password = request.POST.get('password') 

    user = authenticate(username=username, password=password) 
    if user is not None: 
     if user.is_active: 
      login(request, user) 
      state = "You're successfully logged in!" 
     else: 
      state = "Your account is not active, please contact the site admin." 
    else: 
     state = "Your username and/or password were incorrect." 
    request.session['user'] = user 
    return render(request,'auth.html',{'state':state, 'username': username, 'info':'info'})

和网页,我从session阅读:

@csrf_protect 
def home(request): 
    if "user" in request.session: 
     user = request.session['user'] 
    else: 
     user = None 
    return render_to_response('home.html', {'user_name' : user}, context_instance = RequestContext(request))

但我认为,这是一个非常愚蠢的做法。你能建议一个更合适的方法吗?

来源

2012-08-31 Lissomort

回答

1

我不太确定你想达到什么。只要用户登录,您就可以访问request.user.is_authenticated()在您的视图中检查经过身份验证的用户,或者为用户本身访问request.user

来源

2012-08-31 10:23:18 Jingo

0

您不需要将用户添加到会话;这由认证中间件自动完成。

您也不需要手动检查用户;使用login_required decorator

结合这一点,您的登录角度的:

def login_user(request): 
    state = "Please log in below..." 
    username = password = '' 
    if request.POST: 
     username = request.POST.get('username') 
     password = request.POST.get('password') 
    else: 
     return redirect('login/') 

    user = authenticate(username=username, password=password) 
    if user is not None: 
     if user.is_active: 
      login(request, user) 
      state = "You're successfully logged in!" 
     else: 
      state = "Your account is not active, please contact the site admin." 
    else: 
     state = "Your username and/or password were incorrect." 
    return render(request,'auth.html',{'state':state, 'info':'info'})

而在你的其他观点:

from django.contrib.auth.decorators import login_required 
from django.shortcuts import render 

@csrf_protect 
@login_required 
def home(request): 
    return render(request, 'home.html')

在你的模板(从documentation):

{% if user.is_authenticated %} 
    <p>Welcome, {{ user.username }}. Thanks for logging in.</p> 
{% else %} 
    <p>Welcome, new user. Please log in.</p> 
{% endif %}

来源

2012-08-31 10:35:20

相关问题

 相关问题