Django-为什么内置的auth登录功能在成功登录url之后没有将有关用户的信息传递给 [英] Django- why inbuilt auth login function not passing info about user to after successful login url

问题描述

我为我的项目使用了django inbult身份验证url和视图，现在已经完成了初始用户帐户的创建/登录/重置密码过程.

Hi I used the django inbult auth urls and views for my project and now have finished the initial user account creation/login/reset password process.

现在，用户可以登录并在成功登录url帐户/配置文件/之后重定向到.

Now, the user can log in and be redirected to the after successful login url accounts/profile/.

我对django登录功能有一些疑问.为了方便起见，我在下面复制粘贴了django内置的登录功能代码.

I have several doubts on the django login function. For convenience, I've copy paste the django inbuilt login function code below.

@sensitive_post_parameters()
@csrf_protect
@never_cache
def login(request, template_name='registration/login.html',
          redirect_field_name=REDIRECT_FIELD_NAME,
          authentication_form=AuthenticationForm,
          current_app=None, extra_context=None):
    """
    Displays the login form and handles the login action.
    """
    redirect_to = request.REQUEST.get(redirect_field_name, '')

    if request.method == "POST":
        form = authentication_form(request, data=request.POST)
        if form.is_valid():

            # Ensure the user-originating redirection url is safe.
            if not is_safe_url(url=redirect_to, host=request.get_host()):
                redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL)

            # Okay, security check complete. Log the user in.
            auth_login(request, form.get_user())

            return HttpResponseRedirect(redirect_to)
    else:
        form = authentication_form(request)

    current_site = get_current_site(request)

    context = {
        'form': form,
        redirect_field_name: redirect_to,
        'site': current_site,
        'site_name': current_site.name,
    }
    if extra_context is not None:
        context.update(extra_context)
    return TemplateResponse(request, template_name, context,
                            current_app=current_app)

我的问题是:

1函数中的REDIRECT_FIELD_NAME是否在django.contrib.auth中设置为'/profile/'?

1 Is the REDIRECT_FIELD_NAME in the function set as '/profile/' in django.contrib.auth ?

我可以看到此变量是从django.contrib.auth

I could see this variable is imported from django.contrib.auth

from django.contrib.auth import REDIRECT_FIELD_NAME, login as auth_login, logout as auth_logout, get_user_model

我对此变量没有任何设置，但是在用户成功登录后，该页面将定向到/accounts/profile/

I don't have any setting for this variable, but after user successfully logged in, the page will be directed to /accounts/profile/

2登录功能是否传递了有关用户的帐户信息?如果是，该如何访问?

从代码中，如果用户成功登录，页面将被重定向:return HttpResponseRedirect(redirect_to)

From the code, if user successfully logged in, page will be redirected: return HttpResponseRedirect(redirect_to)

重定向到account/profile/，最初的URL视图只是一个

in my case, redirected to accounts/profile/ , initially the view for the url was simply a

HttpResponse("You have logged in successfully")

现在，当我尝试实现视图功能时，我意识到没有传递有关用户的信息.

now when I am trying to implement the view function, I realize that no info about the user has been passed.

我尝试在视图功能中使用print request，但是在服务器终端上打印的消息中没有关于用户的信息，我得到的只是一长串的系统设置或其他信息.但是，登录名应该将谁刚刚成功登录的信息传递给成功登录的网址，对吗?

I've tried to print request in the view function, but there is no info about the user in the message printed in the server terminal, all I get is a long list of system settings or other info. However, the login should pass the info of who has just successfully logged in to the successful log in urls right?

非常感谢您的解释.

推荐答案

登录后，您可以通过在视图中引用request.user并在模板中引用{{user}}来访问用户信息.您只需确定要传递 HttpResponse中的RequestContext 以用于将来的请求.

After the login, you can access the user info by referring request.user in views and just {{user}} in templates. All you need to make sure is you're passing the RequestContext in the HttpResponse for the future request.

是，REDIRECT_FIELD_NAME是在中定义的django.contrib.auth的__init__.py ，它只是您从登录表单传递的"next".

在Django中，有多种方法可以强制用户登录.通过用@login_required装饰视图功能，调用用户定义的URL等的内置登录视图，请参阅登录设置变量

In Django, there are more than one ways to force a user to login. By decorating a view function with @login_required, by calling the build-in login view for an user defined URL and etc., Refer about the login settings variables here. You'll get some more ideas.

构建自定义登录页面.该链接为您提供了自定义登录实现的示例.假设您已经用@login_required装饰了一个视图，并且其对应的URL是/login_test/.然后，将使用/login_test/呈现登录表单中的{{next}}上下文变量.因此，登录后，

Building custom login page. That link gives you an example for custom login implementaion. Consider you have decorated a view with @login_required and it's corresponding URL is /login_test/. Then the {{next}} context variable in the login form will be rendered with /login_test/. So after you login,

<input type="hidden" name="next" value="{{ next }}" />

此元素的值将根据REDIRECT_FIELD_NAME用于重定向.尽管我怀疑该示例缺少对URL login/的settings.LOGIN_URL设置.没关系，它在装饰器本身中作为参数传递.

This element's value will be taken for redirecting as per the REDIRECT_FIELD_NAME. Though I suspect that that example is missing the setting of settings.LOGIN_URL to the URL login/. Never mind, it's being passed as an argument in the decorator itself.

这篇关于Django-为什么内置的auth登录功能在成功登录url之后没有将有关用户的信息传递给的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！