使用request.user的Django和中间件始终是匿名的 [英] Django and Middleware which uses request.user is always Anonymous
问题描述
我正在尝试制作中间件,该中间件会根据子域等为用户更改某些字段...
唯一的问题是request.user总是来在中间件中以AnonymousUser身份输入,但在视图中才是正确的用户。我保留了设置中django使用的默认身份验证和会话中间件。
这里有一个类似的问题:Django,request.user始终是匿名用户
但不要过度回答总问题,因为我是
在使用DRF时是否有一种方法可以获取request.user,因此在我调用自己的中间件之前,正在运行djangos身份验证。中间件?我将在此处显示一些示例代码:
class SampleMiddleware(object):
def process_view( self,request,view_func,view_args,view_kwargs):
#这将是AnonymousUser。我需要它成为发出请求的实际用户。
打印(request.user)
def process_response(自身,请求,响应):
返回响应
with process_request:
class SampleMiddleware(object):
def process_request(self,request):
#这将是AnonymousUser。我需要它成为发出请求的实际用户。
打印(request.user)
def process_response(自身,请求,响应):
返回响应
我已经解决了此问题,方法是从请求中获取DRF令牌,然后将request.user加载到与该模型关联的用户。 / p>
我有默认的django身份验证和会话中间件,但似乎DRF在中间件解析用户后使用了令牌身份验证(所有请求都是CORS请求,可能是为什么)。这是我更新的中间件类:
from re import sub
from rest_framework.authtoken.models import Token
从core.models导入OrganizationRole,组织,用户
类OrganizationMiddleware(object):
def process_view(self,request,view_func,view_args,view_kwargs):
header_token = request.META.get('HTTP_AUTHORIZATION',None)
如果header_token不是None:
试试:
token = sub('Token','',request.META.get ('HTTP_AUTHORIZATION',None))
token_obj = Token.objects.get(key =令牌)
request.user = token_obj.user
除了Token.DoesNotExist:
pass
#现在这是正确的用户
打印(request.user)
此可以在process_view或process_request上使用。
希望这对以后的工作有所帮助。
I'm trying to make middleware which alters some fields for the user based on subdomain, etc...
The only problem is the request.user always comes in as AnonymousUser within the middleware, but is then the correct user within the views. I've left the default authentication and session middleware django uses within the settings.
There is a similar question here: Django, request.user is always Anonymous User But doesn't overly answer the total question because I'm not using different authentication methods, and djangos authentication is running before I invoke my own middleware.
Is there a way, while using DRF, to get the request.user within the middleware? I'll show some sample code here:
class SampleMiddleware(object):
def process_view(self, request, view_func, view_args, view_kwargs):
#This will be AnonymousUser. I need it to be the actual user making the request.
print (request.user)
def process_response(self, request, response):
return response
with process_request:
class SampleMiddleware(object):
def process_request(self, request):
#This will be AnonymousUser. I need it to be the actual user making the request.
print (request.user)
def process_response(self, request, response):
return response
I've solved this problem by getting DRF token from the requests and loading request.user to the user associated to that model.
I had the default django authentication and session middleware, but it seems DRF was using it's token auth after middleware to resolve the user (All requests were CORS requests, this might have been why). Here's my updated middleware class:
from re import sub
from rest_framework.authtoken.models import Token
from core.models import OrganizationRole, Organization, User
class OrganizationMiddleware(object):
def process_view(self, request, view_func, view_args, view_kwargs):
header_token = request.META.get('HTTP_AUTHORIZATION', None)
if header_token is not None:
try:
token = sub('Token ', '', request.META.get('HTTP_AUTHORIZATION', None))
token_obj = Token.objects.get(key = token)
request.user = token_obj.user
except Token.DoesNotExist:
pass
#This is now the correct user
print (request.user)
This can be used on process_view or process_request as well.
Hopefully this can help someone out in the future.
这篇关于使用request.user的Django和中间件始终是匿名的的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
