MongoEngine用户认证(Django的) [英] MongoEngine User authentication (django)
问题描述
我想在一个Django项目,我写信给使用MongoEngine。我有困难得到(或理解如何)的认证后端工作。
用户对象,据我可以告诉是不是存储在请求。
我有工作,但我不知道如果我在正确的/安全的方式这样做。如果有人可以看看我的code我会更AP preciated。
高清登录(要求):
用户身份验证=(request.POST ['用户名'],request.POST ['密码'])
如果用户不无:
的request.session ['用户'] =用户
如果user.is_authenticated:
返回的Htt presponse(用户)
其他:
返回的Htt presponse(登录失败)高清NEW_PAGE(要求):
尝试:
用户=的request.session ['用户']
如果user.is_authenticated:
返回的Htt presponse(欢迎)
除:
返回的Htt presponse('需要先登录')
在我的settings.py我已经在文件的顶部添加:
AUTHENTICATION_BACKENDS =(
mongoengine.django.auth.MongoEngineBackend',
)SESSION_ENGINE ='mongoengine.django.sessions进口mongoengine
mongoengine.connect(项目)
不知道,如果你看到任何问题,因为你没有提及任何我却用mongoengine我的身份验证的后端,这是我将如何处理它:
从django.contrib.auth进口登录,用户
从mongoengine.queryset进口DoesNotExist高清login_view(要求):
尝试:
用户= User.objects.get(用户名= request.POST ['用户名'])
如果user.check_password(request.POST ['密码']):
user.backend ='mongoengine.django.auth.MongoEngineBackend
登录(请求用户)
request.session.set_expiry(60 * 60 * 1)#1小时超时
返回的Htt presponse(用户)
其他:
返回的Htt presponse(登录失败)
除了DoesNotExist:
返回的Htt presponse(用户不存在)
除了异常
返回的Htt presponse(未知错误)
您说的用户没有存储在请求......如果你的意思是不是在可用模板,您需要添加AUTH模板背景下处理器的设置(除AUTHENTICATION_BACKENDS设置你已经设置的话)
TEMPLATE_CONTEXT_PROCESSORS =(
...
django.contrib.auth.context_processors.auth',
...
)
要使连接到后续请求登录后用户,将 AuthenticationMiddleware 键,用户将在请求的属性在所有的意见吧:
MIDDLEWARE_CLASSES =(
...
django.contrib.auth.middleware.AuthenticationMiddleware',
...
)
I am trying to use MongoEngine in a django project I am writing. I am having difficulty getting (or understanding how) the authentication backend works.
The user object as far as I can tell is not stored in the request.
I have it working but I am not sure if I am doing it in the right/safe way. If someone could look at my code I would be much appreciated.
def login(request):
user = authenticate(request.POST['username'],request.POST['password'])
if user is not None:
request.session['user'] = user
if user.is_authenticated:
return HttpResponse(user)
else:
return HttpResponse('login failed')
def new_page(request):
try:
user = request.session['user']
if user.is_authenticated:
return HttpResponse('welcome')
except:
return HttpResponse('need be logged in')
in my settings.py I have added at the top of the file:
AUTHENTICATION_BACKENDS = (
'mongoengine.django.auth.MongoEngineBackend',
)
SESSION_ENGINE = 'mongoengine.django.sessions'
import mongoengine
mongoengine.connect('project')
Not sure if you are seeing any issues because you make no mention of any but I use mongoengine for my auth backend and this is how I would handle it:
from django.contrib.auth import login, User
from mongoengine.queryset import DoesNotExist
def login_view(request):
try:
user = User.objects.get(username=request.POST['username'])
if user.check_password(request.POST['password']):
user.backend = 'mongoengine.django.auth.MongoEngineBackend'
login(request, user)
request.session.set_expiry(60 * 60 * 1) # 1 hour timeout
return HttpResponse(user)
else:
return HttpResponse('login failed')
except DoesNotExist:
return HttpResponse('user does not exist')
except Exception
return HttpResponse('unknown error')
You say the user is not stored in the request...if you mean it is not available in templates, you need to add the auth template context processor in your settings (in addition to the AUTHENTICATION_BACKENDS setting you have set already):
TEMPLATE_CONTEXT_PROCESSORS = (
...
'django.contrib.auth.context_processors.auth',
...
)
To make the user attached to subsequent requests after login, set the AuthenticationMiddleware and the user will be an attribute of the request in all your views:
MIDDLEWARE_CLASSES = (
...
'django.contrib.auth.middleware.AuthenticationMiddleware',
...
)
这篇关于MongoEngine用户认证(Django的)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
