Django：如何覆盖authenticate（）方法？ [英] Django: How to override authenticate() method?

问题描述

我使用自定义的 User ，并且该用户有一个 email_verified 字段。
我希望用户登录时被拒绝，如果此字段为 false 。

I use custom User, and I have an email_verified field for this user. I'd like when a user sign in, to be rejected if this field is false.

我无法在 views.py 中执行此操作，因为用户可以从各种来源（Django站点，但是REST API）登录。
整个目的是避免写N倍于N登录源逻辑。我想在models.py中重写方法（ login（）？ authenticate（）？）以执行

I can't do it in views.py since users can sign in from various sources (Django site but REST APIs too). The whole purpose is to avoid to write N times the logic for N sign in sources. I'd like to override a method (login() ? authenticate() ?) in models.py to do that only once.

我很快阅读了有关自定义身份验证，但没有找到我想要的东西。

I quickly read the doc about customizing authentication but did'nt find what I'm looking for.

谢谢

推荐答案

请参考Django Doc：编写身份验证后端，可能正是您所追求的。它涵盖了您在普通登录和REST API上的用例，例如令牌身份验证：

Please refer to Django Doc: Writing an authentication backend, it's probably what you're after. It covers both your use case on normal login and REST APIs like token authentication:

The authenticate method takes credentials as keyword arguments. 
Most of the time, it’ll just look like this:

class MyBackend(object):
    def authenticate(self, username=None, password=None):
        # Check the username/password and return a User.
        ...
But it could also authenticate a token, like so:

class MyBackend(object):
    def authenticate(self, token=None):
        # Check the token and return a User.
        ...
Either way, authenticate should check the credentials it gets, 
and it should return a User object that matches those credentials, 
if the credentials are valid. If they’re not valid, it should return None.

编写了自定义身份验证后端后，您只需要像这样在 settings.py 中更改默认身份验证后端：

Once you have written your custom auth backend, you just need to change your default auth backend in your settings.py like this:

AUTHENTICATION_BACKENDS = ('project.path.to.MyBackend',)

更新

除了覆盖默认的身份验证行为外，您还可以在设置中同时包含两个后端，例如：

Update

Rather than overriding the default authenticate behaviour, you can just include both Backends in your settings, like:

AUTHENTICATION_BACKENDS = ('project.path.to.MyBackend',
                           'django.contrib.auth.backends.ModelBackend',)

后端的顺序很重要，您可以阅读源代码并更好地了解默认验证，然后一切正常（在此处阅读）

The order of the Backends matters, you can read the source code and have a better understanding how the default authenticate and things work together (Read here)

AFAIK，这是首选的方法o自定义身份验证，因为您有一天可能将默认后端更改为RemoteUserBackend之类的内容（例如，来自RestFramework），因此您可以按顺序放置逻辑（MyBackend）

AFAIK this is the preferred way to customise authenticate, as you may one day change your default Backend to something like RemoteUserBackend or whatever (like from RestFramework) and so you can just place your logic (MyBackend) by order in your settings and no need to worry about breaking the code.

希望这会有所帮助。

这篇关于Django：如何覆盖authenticate（）方法？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！