Django中的多个用户类型 [英] Multiple User Types For Auth in Django
问题描述
我的网页具有两种用户类型,客户端和专业版。还有两个主要模块,一个用于客户购买东西等(主要网站),另一个用于专业人士来管理操作。对于auth,我想要:
- 单一的登录表单,用于检测用户是客户还是专业人士并将其转发到正确的模块(主要站点或管理站点)。
- 两个注册表单,一个用于客户端,另一个用于专业人员。可能,网站会询问用户是否要注册为专业人员或客户,以触发每个案件的正确注册流程。
- 客户将使用主站点而不应该被授权使用管理网站。
- 专业人士将使用管理网站,但无权登录主要网站。
- 专业人士和客户均注册为用户,并共享用户名,电话,电子邮件等常用字段。
由于Django不会让我使用两个模型进行身份验证。我创建了自定义模型子类 AbstractBaseUser ,它为我的客户端和专业人员提供了一个基本的Auth类。
class BaseUser(AbstractBaseUser):
...
类客户端(BaseUser):
...
class Professional(BaseUser) :
...
我还更改了 AUTH_USER_MODEL 设置为:
AUTH_USER_MODEL ='myapp.BaseUser'
我还包括 django-allauth 来管理用户注册和身份验证。但现在我被困了我刚刚开始玩Django / Python,我不知道如何解决这个问题。
似乎没有官方推荐的方式来做这个(使用Django 1.5实现多种用户类型)。我应该遵守子类化方法,还是应该在 docs ?
一旦我正确设置了模型,我应该如何进行两个注册表单?可以用django-allauth来完成这个,还是需要手动执行?
据我所知,当一个新用户注册时,一个新的在用户表中创建基本用户。但是,由于我将创建用户专业化(客户端或专业版),我应该如何指定我也想在相应的表格中创建与客户相关的数据或专业相关数据?
$ b $我很熟悉Django,所以任何建议都会帮助您。
我认为你最简单的方法做你正在谈论的将要在您的项目中有3个应用程序:您的顶级应用程序,专业应用程序和客户端应用程序。在顶级应用程序中,您真正需要做的是为用户提供登录表单,以及2个链接,一个用于注册为专业人员,另一个用于注册为客户端。
在这种情况下,我相信使用Django内置的权限系统将是最简单的方法,并将每种类型的用户分配给相应的组(例如专业人士和客户端)。您可以在视图上使用装饰器,以确保只有特定组的成员可以访问该视图(因为每个组都有2个单独的应用程序,您可以为每个组中的所有视图添加装饰器,也可以导入Django的授权功能进入你的urls.py并检查它,虽然这超出了这个答案的范围)。
注册很简单,使用你的urls.py文件将要注册的用户转发到正确的应用程序。一旦你这样做,你应该能够在每个应用程序上使用django-allauth注册,允许你创建2种不同的用户。确认寄存器时,将其分配给正确的组成员资格。
对于登录重定向,一旦您收到POST数据,我将检查哪种类型的用户登录,并使用它将用户转发到与专业版或客户端应用程序一起使用的正确URL。您可以在登录后重新设置用户的想法,看到以下链接。
Django - 登录后,将用户重定向到自定义页面 - > mysite.com/username
My web features two user types, Client and Professional. There are also two 'main modules', one for clients to buy stuff and so on (the main site), and the other for professionals to manage operations. For auth, I would like to have:
- A single 'sign in' form, which detects whether the user is a client or a professional and forwards her to the right module (main site or management site).
- Two 'sign up' forms, one for clients and other for professionals. Probably, the site will ask the user whether she wants to register as a professional or as a client, to trigger the right registration flow for each case.
- Clients will use the 'main site' and should not be authorized to use the 'management site'.
- Professionals will use the 'management site' but should not be authorized to sign in to the main site.
- Both professionals and clients are registered as Users, and share common fields, such as username, phone, email, etc...
Since Django won't let me use two models for authentication. I've created custom model subclassing AbstractBaseUser and which serves me as a base auth class for Client and Professional.
class BaseUser(AbstractBaseUser):
...
class Client(BaseUser):
...
class Professional(BaseUser):
...
I've also changed the AUTH_USER_MODEL setting to:
AUTH_USER_MODEL = 'myapp.BaseUser'
I've also included django-allauth to manage user registration and authentication. But now I'm stuck. I just began playing with Django/Python and I'm not sure how to solve this.
It seems there is no official recommended way for doing this (Implementing multiple user types with Django 1.5). Should I stick to the subclassing approach, or should I do the OnetoOne relationship pointed out in the docs ?
Once I have the models properly setup, how should I proceed with the two registration forms? Is it possible to accomplish this with django-allauth, or do I need to do it manually?
As far as I know, when a new user is registered, a new base user is created in the User table. But since I will be creating user specializations (Client or Professional), how should I specify that I also want to create the client-related data or professional-related data in the corresponding table?
I'm pretty new to Django, so any advise will help
I think the easiest way for you to do what you are talking about is going to be to have 3 apps in your project: your top level app, a "professional" app and a "client" app. At the top level app, all you really need to do is give the users a login form, and 2 links, one for registering as a Professional and one for registering as a Client.
In this case, I believe it will be easiest for you to use Django's built in Permissions system, and assign each type of user to a corresponding group (eg. professionals and clients). You can use a decorator on your views to ensure that only members of a particular group can access that view (since you have 2 separate apps for each group, you can add a decorator to all views in each of them, or you can import Django's authorization functions into your urls.py and check it there, although that is beyond the scope of this answer).
Registration is easy enough, use your urls.py file to forward the user that wants to register to the correct app. Once you do that, you should be able to use django-allauth registration on each app, allowing you to create 2 different kinds of users. Make sure when the register, you assign them to the correct group membership.
As for the login redirection, once you receive the POST data, I would check for which type of user logged in, and use that to forward the user to the correct URL that goes with the Professional or Client app. You can see the below link for an idea of redirecting a user after login.
Django - after login, redirect user to his custom page --> mysite.com/username
这篇关于Django中的多个用户类型的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
