Django验证后台多个数据库 [英] Django Authenticate Backend Multiple Databases
问题描述
我正在重写一个具有每个客户数据库的遗留应用程序。每个客户都有自己的认证和用户设置。因此,我需要一个自定义身份验证后端,因为django的auth设置为仅使用默认值。我已经编写了中间件,在每个请求上检查URL,并提取信息,以根据请求设置一个database_name。
I am rewriting a legacy application that has a database for each customer. Each customer has its own authentication and user set. Thus, I'll need a custom authentication backend because django's auth is set to only use default. I have written middleware that examines the url upon every request and extracts information there to set a database_name on the request.
如果我在处理我的自定义验证后端时可以访问请求,我可以轻松地执行数据库调用,如 user = User.objects.using (request.db).get(username = username)但是,我看到没有简单的方法来实现这一点。我在这里看到一个答案:从后端访问request.session .get_user ,但这似乎不是线程安全的,所以我不想下去那条路。
If I had access to the request during processing of my custom authencation backend, I could easily perform database calls as user = User.objects.using(request.db).get(username=username) However, I see no easy way to accomplish this. I've seen an answer to that here: Access request.session from backend.get_user, but this wouldn't appear to be thread safe so I don't want to go down that road.
我仍然可以看到仍然使用django-auth的唯一解决方案是为每个客户设置身份验证后端设置数据库名称作为类属性。然后,我将创建一个自定义登录功能,将request.session ['_ auth_user_backend']设置为客户特定的后端。因此,当每个请求调用get_user(user_id)时,它将使用知道要从哪个数据库请求的客户端。
The only solution I can see that still uses django-auth is to have an authentication backend for each customer that sets the database name to be used as a class attribute. Then, I would create a custom login function that sets the request.session['_auth_user_backend'] to be the customer specific backend. Thus, when get_user(user_id) is called on each request, it uses the customer backend which knows which database to request from.
我想避免不必管理如果可能,每个客户的身份验证后端。有没有更好的方法来实现?
I would like to avoid having to manage an authentication backend for each customer if possible. Is there a better way to do this?
推荐答案
由于auth后端没有调用QuerySet方法使用,您可以使用数据库路由器,一个线程本地变量和一些中间件将变量设置为客户的数据库名称。中间件必须放在认证中间件之前。
Since the auth backend is not calling the QuerySet method using you could use a database router with a thread local variable and some middleware to set the variable to the customer's database name. The middleware would have to be placed before the authentication middleware.
线程局部变量是线程安全的。它创建一个线程本地全局变量。
The thread local variable is thread safe. It creates a thread local global variable.
如果您遵循请求的路径,它将执行以下操作:
If you were following the path of a request it would do the following:
- 请求命中django
- 您的自定义中间件从url获取数据库名称将其设置为线程本地全局变量。
-
django身份验证中间件通过运行查询
User.object.get(id = user_id)启动并设置用户。这将使用您的数据库路由器,它将返回在之前的中间件中设置的线程本地全局变量。
- The request hits django
- Your custom middleware grabs the database name from the url sets it to the thread local global variable.
The django authentication middleware starts and sets the user by running the query
User.object.get(id=user_id). This will use your database router which will just return the thread local global variable that was set in the previous middleware.
请求继续进入django的其余部分
The request continues into the rest of the django stack.
例如,您有以下模块:
my_app / middleware.py
my_app/middleware.py
from threading import local
my_local_global = local()
class CustomerMiddleware(object):
def process_request(self, request):
my_local_global.database_name = get_database_name(request)
my_app / routes.py
my_app/routers.py
from middleware import my_local_global
class MultiCustomerRouter(object):
def db_for_read(self, model, **hints):
return my_local_global.database_name
settings.py
settings.py
...
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'my_app.middleware.CustomerMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
DATABASE_ROUTERS = ['my_app.routers.MultiCustomerRouter']
...
这篇关于Django验证后台多个数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
