Django中的每用户数据库身份验证 [英] Per user database authentication in Django

问题描述

下午好，
我正在写一个存储敏感健康信息的研究数据库的前端。我机构制定了一项政策，即用户操作由SQL Server记录，以便在发生违规时可以对服务器日志文件执行审核。

因此，策略，我不能以系统用户的身份将Django连接到数据库（否​​则，前端操作的所有用户将以Django系统用户的身份（而不是实际用户的身份）由服务器记录。） b

是否有一种方法可以使用按用户凭据连接到数据库，以便在前端执行的操作将作为该用户记录在db服务器上？我已经找到了很多有关使用多个数据库的信息，但是没有关于这些数据库的每个用户身份验证的信息。

谢谢您！

解决方案

我能够完成通过向SQL用户授予IMPERSONATE权限，并在我需要登录models.py的数据库查询之前执行EXECUTE AS。

  cursor = self.connection.cursor（）
 try：
 cursor.execute（ EXECUTE AS + get_current_user（）
除了DatabaseError如e：
 cursor.close （）
加薪e 
  

Good afternoon, I am writing a front-end for a research database that holds sensitive health information. My institution has a policy that user actions be logged by the SQL server so that they can perform audits on the server log files in the event of a breach.

Because of this policy, I cannot connect Django to the db as a system user (otherwise, all users of the front-end actions would be logged by the server as the Django system user instead as the actual user individually).

Is there a way to connect to the DB using per user credentials so that actions performed on the front end will be logged as that user on the db server? I have been able to find a lot of information about using multiple databases, but nothing about per user authentication of those databases.

Thank you in advanced!

解决方案

I was able to accomplish this by giving the SQL user the IMPERSONATE permission and performing EXECUTE AS prior to the DB queries that I needed to have logged in models.py.

    cursor = self.connection.cursor()
    try:
        cursor.execute("EXECUTE AS " + get_current_user()
    except DatabaseError as e:
        cursor.close()
        raise e

这篇关于Django中的每用户数据库身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！