基于状态的Django多个身份验证后端 [英] Django Multiple Authentication Backends Based On Status

问题描述

我想知道如何根据用户是否被标记为工作人员或如果不符合要求，告诉Django哪个身份验证后端使用。

I was wondering how to tell Django which authentication backend to use based on if the user is marked as staff or if they are not.

可以这样做吗？

推荐答案

由于Django使用身份验证后端来获取用户对象，因此我们在调用时不知道用户将被标记为工作人员的后端。

Since the authentication backend is used by Django to get the user object, it is not known at the time we're calling the backend wether the user will be marked as staff or not.

仍然可以为员工和非员工用户使用不同的后端，通过链接后端如指定身份验证后端。例如，如果您的设置为：

Is is still possible to use different backends for staff and non-staff user, by chaining backends as explained in Specifying authentication backends. For example if your settings are:

 AUTHENTICATION_BACKEND = (
     'myapp.auth.StaffUserBackend',
     'django.contrib.auth.backends.ModelBackend',
 )

其中 myapp.auth.StaffUserBackend 只能识别员工用户，当用户认证时会发生这种情况：

where myapp.auth.StaffUserBackend only recognizes staff users, this will happen when an user authenticates:

• 根据 StaffUserBackend 检查凭据。


• 如果用户是员工，凭证正确， StaffUserBackend 返回用户对象，我们完成了。


• 如果用户不是员工，则会根据 ModelBackend 。


• 如果凭据对标准用户有效， ModelBackend 返回用户对象，并且用户像往常一样进行身份验证。


• 如果凭据不被任何后端接受，则身份验证失败。

• The credentials are checked against StaffUserBackend.
• If the user is staff and the credentials are correct, StaffUserBackend returns the user object and we're done.
• If the user is not staff, credentials are checked against ModelBackend.
• If the credentials are valid for a standard user, ModelBackend returns the User object and the user is authenticated as usual.
• If the credentials are not accepted by any backend, the authentication fails.

这篇关于基于状态的Django多个身份验证后端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！