如果用户登录，Django的userena跟踪如何？

Question

与正常的Django用户handeling一样，你可以在用户登录后将会话保存到用户。但是，在阅读userena views.py文件以进行登录之后，我无法看到用户是如何被跟踪的他们登录，该网站将现在他们都记录在我把代码userena如下：

def signin(request, auth_form=AuthenticationForm, 
     template_name='userena/signin_form.html', 
     redirect_field_name=REDIRECT_FIELD_NAME, 
     redirect_signin_function=signin_redirect, extra_context=None): 
""" 
Signin using email or username with password. 

Signs a user in by combining email/username with password. If the 
combination is correct and the user :func:`is_active` the 
:func:`redirect_signin_function` is called with the arguments 
``REDIRECT_FIELD_NAME`` and an instance of the :class:`User` whois is 
trying the login. The returned value of the function will be the URL that 
is redirected to. 

A user can also select to be remembered for ``USERENA_REMEMBER_DAYS``. 

:param auth_form: 
    Form to use for signing the user in. Defaults to the 
    :class:`AuthenticationForm` supplied by userena. 

:param template_name: 
    String defining the name of the template to use. Defaults to 
    ``userena/signin_form.html``. 

:param redirect_field_name: 
    Form field name which contains the value for a redirect to the 
    successing page. Defaults to ``next`` and is set in 
    ``REDIRECT_FIELD_NAME`` setting. 

:param redirect_signin_function: 
    Function which handles the redirect. This functions gets the value of 
    ``REDIRECT_FIELD_NAME`` and the :class:`User` who has logged in. It 
    must return a string which specifies the URI to redirect to. 

:param extra_context: 
    A dictionary containing extra variables that should be passed to the 
    rendered template. The ``form`` key is always the ``auth_form``. 

**Context** 

``form`` 
    Form used for authentication supplied by ``auth_form``. 

""" 
form = auth_form 

if request.method == 'POST': 
    form = auth_form(request.POST, request.FILES) 
    if form.is_valid(): 
     identification, password, remember_me = (form.cleaned_data['identification'], 
               form.cleaned_data['password'], 
               form.cleaned_data['remember_me']) 
     user = authenticate(identification=identification, 
          password=password) 
     if user.is_active: 
      login(request, user) 
      if remember_me: 
       request.session.set_expiry(userena_settings.USERENA_REMEMBER_ME_DAYS[1] * 86400) 
      else: request.session.set_expiry(0) 

      if userena_settings.USERENA_USE_MESSAGES: 
       messages.success(request, _('You have been signed in.'), 
           fail_silently=True) 

      # Whereto now? 
      redirect_to = redirect_signin_function(
       request.REQUEST.get(redirect_field_name), user) 
      return redirect(redirect_to) 
     else: 
      return redirect(reverse('userena_disabled', 
            kwargs={'username': user.username})) 

if not extra_context: extra_context = dict() 
extra_context.update({ 
    'form': form, 
    'next': request.REQUEST.get(redirect_field_name), 
}) 
return ExtraContextTemplateView.as_view(template_name=template_name, 
             extra_context=extra_context)(request) 

Answer 1

用户使用的

用户第一次认证=认证（识别=识别，密码=密码）

可以在这里找到https://github.com/django/django/blob/master/django/contrib/auth/backends.py 该方法检查用户是否存在，并检查密码是否正确。

如果一切顺利的话，在登录方法被称为

登录（请求用户）

可以在这里找到 https://github.com/django/django/blob/master/django/contrib/auth/views.py

正如你所看到的，这些都是Django提供了两种方法，并且充当Django的'默认'认证包。

您的网站知道用户已登录，因为您可能正在使用中间件（特别是SessionMiddleware和AuthenticationMiddleware），它将会话和用户对象附加到请求中。上面提到的登录方法将用户标识保存到会话中。

欲了解更多详情，请参阅https://docs.djangoproject.com/en/dev/topics/auth/#authentication-in-web-requests

---

关于您的评论：

你可以使用的RequestContext渲染你的模板，或者你的观点返回TemplateResponse。 参见https://docs.djangoproject.com/en/dev/ref/template-response/#using-templateresponse-and-simpletemplateresponse

此经过用户对象模板处理器。 然后，在你的模板，你可以做这样的事情：

{% if user.is_authenticated %} 
<p>Welcome {{ user.first_name }}</p> 
{% else %} 
<p>Please log in</p> 
{% endif %} 

另见https://docs.djangoproject.com/en/dev/topics/auth/#id8

在我看来，这的确是非常可能把这个修改后的版本在你的base.html文件。例如，如果用户未登录，则显示登录按钮，并在用户登录时将其替换为一个可将用户带到其个人资料页面的按钮。