姜戈《记住我》带有内置登录视图和身份验证表单 [英] Django "Remember Me" with built-in login view and authentication form

问题描述

如何重用原始的 admin login() 和 AuthenticationForm 为在登录页面选中记住我"选项的用户设置更长的 cookie 长度?我目前正在通过 urls.py 使用内置登录

How can I reuse the original admin login() and AuthenticationForm to set longer cookie length for users with "remember me" option checked at login page? I am currently using the built-in login through urls.py

url(r'^login/$','django.contrib.auth.views.login', {'template_name': 'authentication/login.html'}, name='login'),

复选框在我的 login.html 中实现为:

The checkbox is implemented in my login.html as:

<label><input name="remember_me" type="checkbox">Keep me logged in</label>

但我不确定如何通过 AuthenticationForm 将该信息传递给 django.contrib.auth.views.login

but I am not sure how to pass that information through the AuthenticationForm to the django.contrib.auth.views.login

目前，如果用户未选中记住我"框，则 cookie 年龄在 settings.py 中定义

Currently, if the user logs "remember me" box unchecked, the cookie age is defined in settings.py

SESSION_COOKIE_AGE = 360

我发现了几个类似的问题，但我认为这不需要安装单独的应用程序.下面的片段 (http://djangosnippets.org/snippets/1881/) 看起来很有希望，但我有编码 python 和 Django 仅几个月，我无法让它工作:

I found couple of similar questions but I don't think this should require a separate app to be installed. The below snippet (http://djangosnippets.org/snippets/1881/) seemed promising but I have coded python and Django only for couple of months and I wasn't able to get it working:

def login(request, *args, **kwargs):
    if request.method == 'POST':
        if not request.POST.get('remember_me', None):
            request.session.set_expiry(0)
    return auth_views.login(request, *args, **kwargs)

推荐答案

django session cookie age 定义在 秒.

The django session cookie age is defined in seconds.

SESSION_COOKIE_AGE = 360

表示会话将在 6 分钟后过期.我最近实现了记住我"功能，并设置了以下内容:

means that the session will expire after 6 minutes. I've recently implemented the 'Remember Me' feature and I set the following:

SESSION_COOKIE_AGE = 60 * 60 * 24 * 30 # One month

登录视图需要覆盖，如您在代码段中所示.

The login view needs override as you've shown in the snippet.

但听起来您遇到了一个奇怪的问题，即关闭浏览器(当记住我未选中时)不需要用户重新登录，如果您使用 set_expiry(0)，则不应发生这种情况.当您使用 set_expiry(0) 时，django 会设置一个会话"长度的 cookie，而不是固定长度的 cookie，并且按照设计它会在浏览器关闭后过期.

But sounds like you're having an odd issue where closing the browser (when remember me is unchecked) is not requiring the user to re-login which should not happen if you use set_expiry(0). When you use set_expiry(0), the django sets a 'session' length cookie as opposed to a fixed length cookie and by design it would expire after browser close.

还有另一个设置会影响在浏览器关闭时清除 cookie.也许您可以尝试更改 SESSION_EXPIRE_AT_BROWSER_CLOSE 设置的值或检查它在您的配置中的现有值.https://docs.djangoproject.com/en/2.2/topics/http/sessions/#browser-length-sessions-vs-persistent-sessions

There's another settings that affects clearing cookie on browser close. Maybe you can try altering the SESSION_EXPIRE_AT_BROWSER_CLOSE setting's value or check it's existing value in your configuration. https://docs.djangoproject.com/en/2.2/topics/http/sessions/#browser-length-sessions-vs-persistent-sessions

这篇关于姜戈《记住我》带有内置登录视图和身份验证表单的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！