Django用户和来自外部源的身份验证 [英] Django users and authentication from external source

问题描述

我有一个Django应用程序从外部源完全获取数据（通过HTTP查询）。也就是说，我没有本地数据库的选项。会话数据存储在缓存中（在我的开发服务器上我使用一个SQLite数据库，这样就没有错误源）。我使用流畅的边缘Django 1.1svn。

输入问题：我想要为用户使用Django自己的身份验证系统。

编写我自己的验证后端似乎很简单，但总是只是在你有一个本地数据库保存用户的情况下。没有数据库我的主要问题是持久性。

我试着用下面的（假设 datasource.get（）是返回某种dict的函数）：

  class ModelBackend（object）：
 。
 
 def authenticate（self，username = None，password = None）：
检查给定的用户/密码组合是否有效
 
 data = datasource.get（'login'，username，password）
如果data和data ['ok']：
 return MyUser（username = username）
 else： 
 raise TypeError 
 return None 
 
 def get_user（self，username）：
获取特定用户的数据
 
 try：
 data = datasource.get（'userdata'，username）
如果data和data ['ok']：
 return data.user 
 except：
 pass 
 return None 
 
 
 class MyUser（User）：
Django用户未保存在DB
 
 def save（self）：
 return None 
  

但有意缺少 save（）在MyUser上的方法似乎打破了登录的会话存储。

如何 MyUser 看起来像没有本地数据库？

解决方案

。首先，从 http://docs.djangoproject.com/en/ dev / howto / auth-remote-user / ，但您需要使用自己的后端和用户扩展它。

 从django.contrib.auth.backends导入RemoteUserBackend 
 
类MyRemoteUserBackend（RemoteUserBackend）：
＃如果还没有在数据库中创建一个User对象？ 
 create_unknown_user = False 
 
 def get_user（self，user_id）：
 user = somehow_create_an_instance_of（MyUser，user_id）
 return user 
 
 def authenticate（self，** credentials）：
 check_credentials（）
 user = somehow_create_an_instance_of（MyUser，credentials）
 return user 
  

然后用户：

 来自django.contrib.auth.models import用户
 
 class MyUser（User）：
 
 def save（self）：
保存到DB禁用
 pass 
 
 objects = None＃我们不能真正使用这个w / o本地DB 
 
 username =＃和所有其他属性。 
＃它们被定义为model.CharField或类似的，
＃，我们不能允许
 
 def get_group_permissions（self）：
你没有自己的权限模块，
默认也会使用DB。抛出它
 return []＃与其他权限一样defs 
 
 def get_and_delete_messages（self）：
消息存储在DB中Darn！
 return [] 
   
 
唷！ Django 真的不是为没有数据库的用途而设计的... 
 
I have a Django app that gets it's data completely from an external source (queried via HTTP). That is, I don't have the option for a local database. Session data is stored in the cache (on my development server I use a SQLite database, so that is no error source). I'm using bleeding edge Django 1.1svn.

Enter the problem: I want to use Django's own authentication system for the users.

It seems quite simple to write my own Authentication Backend, but always just under the condition that you have a local database where to save the users. Without database my main problem is persistence.

I tried it with the following (assume that datasource.get() is a function that returns some kind of dict):
class ModelBackend (object):
    """Login backend."""

    def authenticate (self, username=None, password=None):
        """Check, if a given user/password combination is valid"""

        data = datasource.get ('login', username, password)
        if data and data['ok']:
            return MyUser (username=username)
        else:
            raise TypeError
            return None

    def get_user (self, username):
        """get data about a specific user"""

        try:
          data = datasource.get ('userdata', username)
          if data and data['ok']:
              return data.user
        except:
            pass
        return None


class MyUser (User):
    """Django user who isn't saved in DB"""

    def save (self):
        return None
But the intentionally missing save() method on MyUser seems to break the session storage of a login.

How should MyUser look like without a local database?
解决方案
OK, it's much more complicated than I thought. First, start with http://docs.djangoproject.com/en/dev/howto/auth-remote-user/, but you'll need to extend it with your own backend and user.
from django.contrib.auth.backends import RemoteUserBackend

class MyRemoteUserBackend (RemoteUserBackend):
    # Create a User object if not already in the database?
    create_unknown_user = False

    def get_user (self, user_id):
        user = somehow_create_an_instance_of (MyUser, user_id)
        return user

    def authenticate (self, **credentials):
        check_credentials ()
        user = somehow_create_an_instance_of (MyUser, credentials)
        return user
Then the user:
from django.contrib.auth.models import User

class MyUser (User):

    def save (self):
        """saving to DB disabled"""
        pass

    objects = None # we cannot really use this w/o local DB

    username = ""  # and all the other properties likewise.
                   # They're defined as model.CharField or similar,
                   # and we can't allow that

    def get_group_permissions (self):
        """If you don't make your own permissions module,
           the default also will use the DB. Throw it away"""
        return [] # likewise with the other permission defs

    def get_and_delete_messages (self):
        """Messages are stored in the DB. Darn!"""
        return []
Phew! Django really isn't designed for usage without a database...

                        
这篇关于Django用户和来自外部源的身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！