如何检查从tastypie已通过身份验证的用户？ [英] How do I check that user already authenticated from tastypie?

问题描述

当用户在Django的认证，我如何检查，从tastypie？

When user authenticates in Django, how do I check that from tastypie?

在用户登录时，该视图包括一些JS从API，它是由tastypie支持提取数据。

Once user logs on, the view includes some JS that pulls data from API, which is backed by tastypie.

我已经基本验证/ djangoauthorisation建立在我的资源，所以浏览器会弹出HTTP认证窗口。有没有什么办法避免这种情况？

I have basic authentication/djangoauthorisation set up on my resources, so the browser pops up http auth window. Is there any way to avoid this?

我的想法至今延长BasicAuthentication，使其首先检查会话数据，当它没有找到它，它会回到HTTP认证？ AFAIK AJAX调用包括会话cookie，所以这在理论上应该工作？有没有人做过类似的事情？

My idea so far is to extend BasicAuthentication so that it first checks session data and when it doesn't find it, it falls back to http auth? AFAIK AJAX calls include session cookies, so this in theory should work? Has anybody done something similar?

推荐答案

我有这样的解决方案至今：

I have this solution so far:

class MyBasicAuthentication(BasicAuthentication):
    def __init__(self, *args, **kwargs):
        super(MyBasicAuthentication, self).__init__(*args, **kwargs)

    def is_authenticated(self, request, **kwargs):
        from django.contrib.sessions.models import Session
        if 'sessionid' in request.COOKIES:
            s = Session.objects.get(pk=request.COOKIES['sessionid'])
            if '_auth_user_id' in s.get_decoded():
                u = User.objects.get(id=s.get_decoded()['_auth_user_id'])
                request.user = u
                return True
        return super(MyBasicAuthentication, self).is_authenticated(request, **kwargs)

这似乎做我想做的。如果用户登录，然后会包含 _auth_user_id ，如果不是，关键是缺少。

which seems to do what I want. If user is logged on, then session contains _auth_user_id, if not, the key is missing.

任何人都可以想到的任何问题，这种做法可能会导致？

Anyone can think of any problems this approach may cause?

这篇关于如何检查从tastypie已通过身份验证的用户？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！