如何查找特定用户的 Django 会话? [英] How to lookup django session for a particular user?

问题描述

我正在编写一个应用程序，我将在其中从 django 和独立应用程序访问数据库.两者都需要进行会话验证，并且两者的会话应该相同.Django 有一个内置的身份验证/会话验证，这是我正在使用的，现在我需要弄清楚如何为我的独立应用程序重用相同的会话.

我的问题是如何查找特定用户的 session_key?

从表面上看，auth_user 和 django_session 之间没有任何联系

解决方案

修改 django_session 表以添加明确的 user_id 可以让生活变得更轻松.假设你这样做(或类似的事情)，这里有四种方法可以根据自己的喜好调整:

fork django.contrib.session 代码.我知道，我知道，这是一个可怕的建议.但它只有 500 行，包括所有后端并减去测试.破解非常简单.只有当您要认真地重新安排事情时，这才是最佳途径.

如果你不想分叉，你可以尝试连接到 Session.post_save 信号并在那里 munge.

或者你可以使用 MonkeyPatch contrib.session.models.Session.save().只需包装现有方法(或创建一个新方法)，分解/合成您需要的任何值，将它们存储在您的新字段中，然后 super(Session, self).save().>

另一种方法是在 settings.py 文件中放入 2 个(是的，两个)中间件类——一个在 SessionMiddleware 之前和一个之后.这是因为中间件的处理方式.SessionMiddleware 之后列出的将在入站请求中获得一个已附加会话的请求.前面列出的那个可以对响应进行任何处理和/或更改/重新保存会话.

我们使用了最后一种技术的变体，为搜索引擎蜘蛛创建了伪会话，让它们能够特别访问通常仅供会员访问的材料.我们还会检测 REFERER 字段来自相关搜索引擎的入站链接，并为用户提供对该文章的完全访问权限.

更新:

我的答案现在已经很古老了，尽管它大部分仍然是正确的.请参阅下方@Gavin_Ballard 的最新答案 (9/29/2014)，了解解决此问题的另一种方法.

I am writing an application where I will be accessing the database from django and from a stand alone application. Both need to do session verification and the session should be the same for both of them. Django has a built in authentication/session verification, which is what I am using, now I need to figure out how to reuse the same session for my stand alone application.

My question is how can I look up a session_key for a particular user?

From what it looks there is nothing that ties together auth_user and django_session

解决方案

Modifying the django_session table to add an explicit user_id can make life a lot easier. Assuming you do that (or something similar), here are four approaches to munging things to your liking:

Fork the django.contrib.session code. I know, I know, that's a horrible thing to suggest. But it's only 500 lines including all backends and minus the tests. It's pretty straightforward to hack. This is the best route only if you are going to do some serious rearranging of things.

If you don't want to fork, you could try connecting to the Session.post_save signal and munge there.

Or you could MonkeyPatch contrib.session.models.Session.save(). Just wrap the existing method (or create a new one), breakout/synthesize whatever values you need, store them in your new fields, and then super(Session, self).save().

Yet another way of doing this is to put in 2 (yes, two) middleware classes -- one before and one after SessionMiddleware in your settings.py file. This is because of the way middleware is processed. The one listed after SessionMiddleware will get, on the inbound request, a request with the session already attached to it. The one listed before can do any processing on the response and/or change/resave the session.

We used a variation on this last technique to create pseudo-sessions for search engine spiders to give them special access to material that is normally member-only. We also detect inbound links where the REFERER field is from the associated search engine and we give the user full access to that one article.

Update:

My answer is now quite ancient, although it still is mostly correct. See @Gavin_Ballard's much more recent answer (9/29/2014) below for yet another approach to this problem.

这篇关于如何查找特定用户的 Django 会话?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！