Django 身份验证和 Ajax - 需要登录的 URL [英] Django authentication and Ajax - URLs that require login
问题描述
我想为我的 Django 编码网站添加一些 Ajax-niceness.
I want to add some Ajax-niceness to my Django-coded website.
在我的 Django 代码中,我使用 django.contrib.auth.decorators
中的 @login_required
装饰器来标记哪个视图需要身份验证.未通过身份验证的用户单击它时的默认行为是将他/她重定向到登录页面,然后传递目标页面.
In my Django code, I use the @login_required
decorator from django.contrib.auth.decorators
to mark which view requires authentication. The default behavior when a not authenticated user clicks it is to redirect him/her to login page, and then pass the target page.
我在某些网站上看到的并且非常喜欢的是,当用户单击指向仅限登录用户访问的位置的链接时,他/她不会被重定向到登录页面,而是会收到一个弹出窗口(通过JavaScript) 要求他/她登录或注册.没有重定向部分,因此如果用户认为他/她真的不喜欢该网站而浪费时间注册,则无需使用后退"键.
What I saw on some sites, and really liked, is that when user clicks a link leading to a place restricted to logged-only users, instead of getting redirected to a login page, he/she gets a popup window (via JavaScript) asking him/her to log in or register. There's no redirection part, so no need for a user to use the "back" key if he/she decides he/she really doesn't like the website enough to waste the time registering.
那么,问题是:您将如何管理自动将某些链接标记为受限"的任务,以便 JavaScript 可以处理它们的 onclick
事件并显示请登录"弹出窗口?
So, the qestion is: how would you manage the task of automatically marking some links as "restricted" so JavaScript can handle their onclick
event and display a "please log in" popup?
推荐答案
我面临着同样的问题,并且和你一样,我想要一个简单的装饰器来包裹 Django ajax 视图,以便在相同的情况下处理身份验证我有其他看法的方式.对我来说似乎很有希望的一种方法是将这样的装饰器与 JavaScript 结合使用,以在响应中查找特定值.
I am facing the same issue, and, like you, I would like a simple decorator to wrap around a Django ajax view in order to handle authentication in the same way that I have other views. One approach that seems promising to me is to use such a decorator in conjunction with JavaScript that looks for a certain value in the response.
这是装饰器的第一次修订稿:
from functools import wraps
def ajax_login_required(view_func):
@wraps(view_func)
def wrapper(request, *args, **kwargs):
if request.user.is_authenticated():
return view_func(request, *args, **kwargs)
json = simplejson.dumps({ 'not_authenticated': True })
return HttpResponse(json, mimetype='application/json')
return wrapper
这是视图:
@ajax_login_required
def ajax_update_module(request, module_slug, action):
# Etc ...
return HttpResponse(json, mimetype='application/json')
这里是 JavaScript (jQuery):
And here is the JavaScript (jQuery):
$.post('/restricted-url/', data, function(json) {
if (json.not_authenticated) {
alert('Not authorized.'); // Or something in a message DIV
return;
}
// Etc ...
});
<小时>
EDIT:按照建议,我尝试使用 functools.wraps
.我实际上并没有在工作代码中使用过这个装饰器,所以请注意可能的错误.
EDIT: I've attempted to use functools.wraps
, as suggested. I have not actually used this decorator in working code, so beware of possible bugs.
这篇关于Django 身份验证和 Ajax - 需要登录的 URL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!