基于状态的 Django 多重身份验证后端 [英] Django Multiple Authentication Backends Based On Status

问题描述

我想知道如何根据用户是否被标记为员工来告诉 Django 使用哪个身份验证后端.

I was wondering how to tell Django which authentication backend to use based on if the user is marked as staff or if they are not.

这个可以吗?

推荐答案

由于 Django 使用身份验证后端来获取用户对象，因此在我们调用后端时不知道用户是否会被标记是否为员工.

Since the authentication backend is used by Django to get the user object, it is not known at the time we're calling the backend wether the user will be marked as staff or not.

仍然可以通过链接后端来为员工和非员工用户使用不同的后端，如 指定身份验证后端.例如，如果您的设置是:

Is is still possible to use different backends for staff and non-staff user, by chaining backends as explained in Specifying authentication backends. For example if your settings are:

 AUTHENTICATION_BACKEND = (
     'myapp.auth.StaffUserBackend',
     'django.contrib.auth.backends.ModelBackend',
 )

其中 myapp.auth.StaffUserBackend 只识别员工用户，这会在用户进行身份验证时发生:

where myapp.auth.StaffUserBackend only recognizes staff users, this will happen when an user authenticates:

• 根据 StaffUserBackend 检查凭据.
• 如果用户是员工并且凭据正确，StaffUserBackend 返回用户对象，我们就完成了.
• 如果用户不是员工，则会根据 ModelBackend 检查凭据.
• 如果凭据对标准用户有效，ModelBackend 将返回 User 对象，并且用户照常进行身份验证.
• 如果任何后端都不接受凭据，则身份验证失败.

• The credentials are checked against StaffUserBackend.
• If the user is staff and the credentials are correct, StaffUserBackend returns the user object and we're done.
• If the user is not staff, credentials are checked against ModelBackend.
• If the credentials are valid for a standard user, ModelBackend returns the User object and the user is authenticated as usual.
• If the credentials are not accepted by any backend, the authentication fails.

这篇关于基于状态的 Django 多重身份验证后端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！