0
我用我的最新的Django項目現有的數據庫,所以,除非我改變我的模型或Django的授權碼,這將是相當困難的合併兩個。有點困惑會議在Python/Django是如何權威性和工作
我打算編寫自己的身份驗證應用程序,而不是搞亂現有的auth後端。
反正我以前所有的驗證應用程序已經用PHP編寫的,其中基本上我拋開一切在會話變量,並驗證他們每一頁上......這裏就是我有點困惑。看起來,當一個用戶被認證/登錄時,整個用戶被添加到一個會話中,但我無法弄清楚在哪裏或如何發生。
在Django缺省登錄功能,它賦予用戶request.user ...這是被保存爲一個莫名其妙會話變量,或者它只是傳遞到下一個視圖?如果它只是傳遞到下一個視圖,未來的請求如何進行身份驗證而不需要進一步的登錄請求?
Django缺省AUTH LOGIN低於..
def login(request, user):
"""
Persist a user id and a backend in the request. This way a user doesn't
have to reauthenticate on every request.
"""
if user is None:
user = request.user
# TODO: It would be nice to support different login methods, like signed cookies.
if SESSION_KEY in request.session:
if request.session[SESSION_KEY] != user.id:
# To avoid reusing another user's session, create a new, empty
# session if the existing session corresponds to a different
# authenticated user.
request.session.flush()
else:
request.session.cycle_key()
request.session[SESSION_KEY] = user.id
request.session[BACKEND_SESSION_KEY] = user.backend
if hasattr(request, 'user'):
request.user = user
user_logged_in.send(sender=user.__class__, request=request, user=user)
我也試圖按照user_logged_in.send(),這是在django.dispatch.dispatcher.send,但我不完全知道是什麼這本應該做的。
def send(self, sender, **named):
"""
Send signal from sender to all connected receivers.
If any receiver raises an error, the error propagates back through send,
terminating the dispatch loop, so it is quite possible to not have all
receivers called if a raises an error.
Arguments:
sender
The sender of the signal Either a specific object or None.
named
Named arguments which will be passed to receivers.
Returns a list of tuple pairs [(receiver, response), ... ].
"""
responses = []
if not self.receivers:
return responses
for receiver in self._live_receivers(_make_id(sender)):
response = receiver(signal=self, sender=sender, **named)
responses.append((receiver, response))
return responses
基本上就是我要找的是有人來解釋一個有效的方式來保存在Python用戶會話數據不依賴於Django框架。 Django身份驗證的一點點運行也不錯。