Django用户和来自外部源的身份验证 [英] Django users and authentication from external source
问题描述
我有一个Django应用程序从外部源完全获取数据(通过HTTP查询)。也就是说,我没有本地数据库的选项。会话数据存储在缓存中(在我的开发服务器上我使用一个SQLite数据库,这样就没有错误源)。我使用流畅的边缘Django 1.1svn。
输入问题:我想要为用户使用Django自己的身份验证系统。
编写我自己的验证后端似乎很简单,但总是只是在你有一个本地数据库保存用户的情况下。没有数据库我的主要问题是持久性。
我试着用下面的(假设 datasource.get()
是返回某种dict的函数):
class ModelBackend(object):
。
def authenticate(self,username = None,password = None):
检查给定的用户/密码组合是否有效
data = datasource.get('login',username,password)
如果data和data ['ok']:
return MyUser(username = username)
else:
raise TypeError
return None
def get_user(self,username):
获取特定用户的数据
try:
data = datasource.get('userdata',username)
如果data和data ['ok']:
return data.user
except:
pass
return None
class MyUser(User):
Django用户未保存在DB
def save(self):
return None
但有意缺少 save()
在MyUser上的方法似乎打破了登录的会话存储。
如何 MyUser
看起来像没有本地数据库?
。首先,从 http://docs.djangoproject.com/en/ dev / howto / auth-remote-user / ,但您需要使用自己的后端和用户扩展它。
从django.contrib.auth.backends导入RemoteUserBackend
类MyRemoteUserBackend(RemoteUserBackend):
#如果还没有在数据库中创建一个User对象?
create_unknown_user = False
def get_user(self,user_id):
user = somehow_create_an_instance_of(MyUser,user_id)
return user
def authenticate(self,** credentials):
check_credentials()
user = somehow_create_an_instance_of(MyUser,credentials)
return user
然后用户:
来自django.contrib.auth.models import用户
class MyUser(User):
def save(self):
保存到DB禁用
pass
objects = None#我们不能真正使用这个w / o本地DB
username =#和所有其他属性。
#它们被定义为model.CharField或类似的,
#,我们不能允许
def get_group_permissions(self):
你没有自己的权限模块,
默认也会使用DB。抛出它
return []#与其他权限一样defs
def get_and_delete_messages(self):
消息存储在DB中Darn!
return []
唷! Django 真的不是为没有数据库的用途而设计的...
I have a Django app that gets it's data completely from an external source (queried via HTTP). That is, I don't have the option for a local database. Session data is stored in the cache (on my development server I use a SQLite database, so that is no error source). I'm using bleeding edge Django 1.1svn.
Enter the problem: I want to use Django's own authentication system for the users.
It seems quite simple to write my own Authentication Backend, but always just under the condition that you have a local database where to save the users. Without database my main problem is persistence.
I tried it with the following (assume that
datasource.get()
is a function that returns some kind of dict):class ModelBackend (object): """Login backend.""" def authenticate (self, username=None, password=None): """Check, if a given user/password combination is valid""" data = datasource.get ('login', username, password) if data and data['ok']: return MyUser (username=username) else: raise TypeError return None def get_user (self, username): """get data about a specific user""" try: data = datasource.get ('userdata', username) if data and data['ok']: return data.user except: pass return None class MyUser (User): """Django user who isn't saved in DB""" def save (self): return None
But the intentionally missing
save()
method on MyUser seems to break the session storage of a login.How should
MyUser
look like without a local database?解决方案OK, it's much more complicated than I thought. First, start with http://docs.djangoproject.com/en/dev/howto/auth-remote-user/, but you'll need to extend it with your own backend and user.
from django.contrib.auth.backends import RemoteUserBackend class MyRemoteUserBackend (RemoteUserBackend): # Create a User object if not already in the database? create_unknown_user = False def get_user (self, user_id): user = somehow_create_an_instance_of (MyUser, user_id) return user def authenticate (self, **credentials): check_credentials () user = somehow_create_an_instance_of (MyUser, credentials) return user
Then the user:
from django.contrib.auth.models import User class MyUser (User): def save (self): """saving to DB disabled""" pass objects = None # we cannot really use this w/o local DB username = "" # and all the other properties likewise. # They're defined as model.CharField or similar, # and we can't allow that def get_group_permissions (self): """If you don't make your own permissions module, the default also will use the DB. Throw it away""" return [] # likewise with the other permission defs def get_and_delete_messages (self): """Messages are stored in the DB. Darn!""" return []
Phew! Django really isn't designed for usage without a database...
这篇关于Django用户和来自外部源的身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!