Django 中用于身份验证的多种用户类型 [英] Multiple User Types For Auth in Django
问题描述
我的网站有两种用户类型,客户和专业.还有两个主模块",一个供客户购买东西等(主站点),另一个供专业人员管理运营.对于身份验证,我想要:
My web features two user types, Client and Professional. There are also two 'main modules', one for clients to buy stuff and so on (the main site), and the other for professionals to manage operations. For auth, I would like to have:
- 单一登录"表单,可检测用户是客户还是专业人士,并将她转至正确的模块(主站点或管理站点).
- 两份注册"表格,一份供客户使用,另一份供专业人士使用.网站可能会询问用户是想注册为专业人士还是客户,以针对每种情况触发正确的注册流程.
- 客户将使用主站点",不应被授权使用管理站点".
- 专业人员将使用管理站点",但不应被授权登录主站点.
- 专业人士和客户都注册为用户,并共享通用字段,例如用户名、电话、电子邮件等...
因为 Django 不允许我使用两个模型进行身份验证.我已经创建了自定义模型子类 AbstractBaseUser,并将其用作 Client 和 Professional 的基本身份验证类.
Since Django won't let me use two models for authentication. I've created custom model subclassing AbstractBaseUser and which serves me as a base auth class for Client and Professional.
class BaseUser(AbstractBaseUser):
...
class Client(BaseUser):
...
class Professional(BaseUser):
...
我还将 AUTH_USER_MODEL 设置更改为:
I've also changed the AUTH_USER_MODEL setting to:
AUTH_USER_MODEL = 'myapp.BaseUser'
我还包含了 django-allauth 来管理用户注册和身份验证.但现在我被困住了.我刚开始玩 Django/Python,我不知道如何解决这个问题.
I've also included django-allauth to manage user registration and authentication. But now I'm stuck. I just began playing with Django/Python and I'm not sure how to solve this.
似乎没有官方推荐的方法来执行此操作(实施Django 1.5 中的多个用户类型).我应该坚持子类化方法,还是应该执行 文档 ?
It seems there is no official recommended way for doing this (Implementing multiple user types with Django 1.5). Should I stick to the subclassing approach, or should I do the OnetoOne relationship pointed out in the docs ?
一旦我正确设置了模型,我应该如何处理这两个注册表?是否可以使用 django-allauth 完成此操作,还是我需要手动完成?
Once I have the models properly setup, how should I proceed with the two registration forms? Is it possible to accomplish this with django-allauth, or do I need to do it manually?
据我所知,当注册一个新用户时,会在 User 表中创建一个新的基本用户.但既然我要创建用户专业化(客户或专业),我应该如何指定我也想在相应的表中创建客户相关数据或专业相关数据?
As far as I know, when a new user is registered, a new base user is created in the User table. But since I will be creating user specializations (Client or Professional), how should I specify that I also want to create the client-related data or professional-related data in the corresponding table?
我对 Django 还很陌生,所以任何建议都会有所帮助
I'm pretty new to Django, so any advise will help
推荐答案
我认为最简单的方法是在你的项目中有 3 个应用程序:你的顶级应用程序,一个专业"应用程序和客户端"应用程序.在顶级应用程序中,您真正需要做的就是为用户提供一个登录表单和 2 个链接,一个用于注册为专业人士,另一个用于注册为客户.
I think the easiest way for you to do what you are talking about is going to be to have 3 apps in your project: your top level app, a "professional" app and a "client" app. At the top level app, all you really need to do is give the users a login form, and 2 links, one for registering as a Professional and one for registering as a Client.
在这种情况下,我相信您使用 Django 的内置权限系统将是最简单的,并将每种类型的用户分配到相应的组(例如专业人士和客户).您可以在视图上使用装饰器以确保只有特定组的成员才能访问该视图(因为每个组有 2 个单独的应用程序,您可以为每个视图中的所有视图添加装饰器,或者您可以导入 Django 的授权功能进入您的 urls.py 并在那里检查它,尽管这超出了本答案的范围).
In this case, I believe it will be easiest for you to use Django's built in Permissions system, and assign each type of user to a corresponding group (eg. professionals and clients). You can use a decorator on your views to ensure that only members of a particular group can access that view (since you have 2 separate apps for each group, you can add a decorator to all views in each of them, or you can import Django's authorization functions into your urls.py and check it there, although that is beyond the scope of this answer).
注册很容易,使用您的 urls.py 文件将想要注册的用户转发到正确的应用程序.一旦你这样做了,你应该能够在每个应用程序上使用 django-allauth 注册,允许你创建 2 种不同类型的用户.确保在注册时,您将他们分配给正确的群组成员资格.
Registration is easy enough, use your urls.py file to forward the user that wants to register to the correct app. Once you do that, you should be able to use django-allauth registration on each app, allowing you to create 2 different kinds of users. Make sure when the register, you assign them to the correct group membership.
至于登录重定向,一旦您收到 POST 数据,我会检查登录的用户类型,并使用它来将用户转发到与 Professional 或 Client 应用程序一起使用的正确 URL.您可以查看以下链接,了解登录后重定向用户的想法.
As for the login redirection, once you receive the POST data, I would check for which type of user logged in, and use that to forward the user to the correct URL that goes with the Professional or Client app. You can see the below link for an idea of redirecting a user after login.
Django - 登录后,将用户重定向到他的自定义页面 -->mysite.com/用户名
这篇关于Django 中用于身份验证的多种用户类型的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
