密码保护整个django应用程序 [英] Password protect a whole django app

问题描述

我正在运行一个简单的登录env在heroku，我现在正在寻找密码保护整个应用程序与某种简单的身份验证

I am running a simple staging env on heroku and I am now looking to password protect the whole app with some sort of simple authentication

我想知道是否有一个简单的应用程序或中间件已经支持这一点。
已经尝试了解Heroku / Cloudflare和django的解决方案，但没有什么好像很直接。

I am wondering if there is a simple app or middleware that already supports this. Have tried looking around for solutions with Heroku / Cloudflare and django, but nothing seems really straight forward.

Django 1.3.1

Django 1.3.1

推荐答案

为了达到这个目的，我使用 django-lockdown 它允许您在整个开发人员网站上添加一个简单的密码，而无需在开发环境之外的任何视图添加任何额外的验证位。这也意味着您可以登录管理员或普通用户来测试您的网站。

I use django-lockdown for exactly this purpose. It allows you to add a simple password over the whole of a dev site, without having to add in any extra auth bits on your views that aren't used outside of a dev environment. It also means you can login as admin, or regular users to test whatever your site does

https://github.com/Dunedan/django-lockdown

我使用Heroku和Lockdown这一点我的 settings.py 文件中的代码

I use Heroku and Lockdown with this bit of code in my settings.py file

USE_LOCKDOWN = os.environ.get('USE_LOCKDOWN', 'False') == 'True'
if USE_LOCKDOWN:
    INSTALLED_APPS += ('lockdown',)
    MIDDLEWARE_CLASSES += ('lockdown.middleware.LockdownMiddleware',)
    LOCKDOWN_PASSWORDS = (os.environ.get('LOCKDOWN_PASSWORD', 'False'),)
    LOCKDOWN_URL_EXCEPTIONS = (r'^/some/url/not/locked/down/$',)

然后显然设置了一个配置文件 USE_LOCKDOWN 在我的开发网站上为True，在我的生产站点为False，因此无需更改代码。

Then obviously set a config var of USE_LOCKDOWN as True on my dev site, and False on my production site so no need to change the code for either.

这篇关于密码保护整个django应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！