1. 首頁
  2. 問答
  3. django授權

django授權

2012-08-31 45 views
0

需要授權。閱讀了幾篇文章,閱讀所有inbuild機制,接受並執行它。他開始這樣做。django授權

註冊模塊django-registration,寫自己登錄,使用lib django.contrib.auth。如下所示:我在登錄頁面登錄,似乎一切都很好,但當我去另一頁面授權時,奇蹟般地消失了。據我瞭解,授權沒有寫入會話,我只在登錄頁面獲得授權。

我做了以下內容:

  1. 授權的登錄頁面上。
  2. 記錄整個User對象爲session
  3. 在每個頁面上,我在頁面加載時檢查的第一件事是會話數據中是否存在User,如果是,請從此處讀取它。

來源是這樣的:

def login_user(request): 
state = "Please log in below..." 
username = password = '' 
if request.POST: 
    username = request.POST.get('username') 
    password = request.POST.get('password') 

    user = authenticate(username=username, password=password) 
    if user is not None: 
     if user.is_active: 
      login(request, user) 
      state = "You're successfully logged in!" 
     else: 
      state = "Your account is not active, please contact the site admin." 
    else: 
     state = "Your username and/or password were incorrect." 
    request.session['user'] = user 
    return render(request,'auth.html',{'state':state, 'username': username, 'info':'info'})

和網頁,我從session閱讀:

@csrf_protect 
def home(request): 
    if "user" in request.session: 
     user = request.session['user'] 
    else: 
     user = None 
    return render_to_response('home.html', {'user_name' : user}, context_instance = RequestContext(request))

但我認爲,這是一個非常愚蠢的做法。你能建議一個更合適的方法嗎?

來源

2012-08-31 Lissomort

回答

1

我不太確定你想達到什麼。只要用戶登錄,您就可以訪問request.user.is_authenticated()在您的視圖中檢查經過身份驗證的用戶,或者爲用戶本身訪問request.user

來源

2012-08-31 10:23:18 Jingo

0

您不需要將用戶添加到會話;這由認證中間件自動完成。

您也不需要手動檢查用戶;使用login_required decorator

結合這一點,您的登錄角度的:

def login_user(request): 
    state = "Please log in below..." 
    username = password = '' 
    if request.POST: 
     username = request.POST.get('username') 
     password = request.POST.get('password') 
    else: 
     return redirect('login/') 

    user = authenticate(username=username, password=password) 
    if user is not None: 
     if user.is_active: 
      login(request, user) 
      state = "You're successfully logged in!" 
     else: 
      state = "Your account is not active, please contact the site admin." 
    else: 
     state = "Your username and/or password were incorrect." 
    return render(request,'auth.html',{'state':state, 'info':'info'})

而在你的其他觀點:

from django.contrib.auth.decorators import login_required 
from django.shortcuts import render 

@csrf_protect 
@login_required 
def home(request): 
    return render(request, 'home.html')

在你的模板(從documentation):

{% if user.is_authenticated %} 
    <p>Welcome, {{ user.username }}. Thanks for logging in.</p> 
{% else %} 
    <p>Welcome, new user. Please log in.</p> 
{% endif %}

來源

2012-08-31 10:35:20

相關問題

 相關問題