我曾尝试使用下面的链接作为登录解决方案,但当我进行/login时,它最初会将user属性添加到请求中。在那之后,当我进行后续调用时,user属性不会持久化在请求对象上。
MongoEngine用户身份验证(django)
在我的settings.py中,我确实导入了AuthenticationMiddleware,因此它应该保留用户属性,但不是。
这是我的看法。py:
from django.contrib.auth import login, logout, authenticate
from mongoengine.django.auth import User
from mongoengine.queryset import DoesNotExist
from django.http import HttpResponse
from django.contrib.auth.decorators import login_required
import json
def login_view(request):
user = User.objects.get(username='john')
user.backend = 'mongoengine.django.auth.MongoEngineBackend'
login(request, user)
request.session.set_expiry(60 * 60 * 1) # 1 hour timeout
if(request.user.is_authenticated()):
return HttpResponse(request.user.username)
else:
return HttpResponse('Not Authenticated!')
def do_something(request):
return HttpResponse(request.user.username)
这是我的设置.py:
"""
Django settings for questiveAuth project.
For more information on this file, see
https://docs.djangoproject.com/en/1.7/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.7/ref/settings/
"""
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.7/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = '%skvtelk+53alr^y8lr4z5d1+4_!_kgmy8%w0ip_%e&^ug$kas'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
TEMPLATE_DEBUG = True
ALLOWED_HOSTS = []
LOGIN_URL = '/loginredirect/'
# Application definition
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.auth',
'mongoengine.django.mongo_auth',
'rest_framework'
)
AUTH_USER_MODEL = 'mongo_auth.MongoUser'
MONGOENGINE_USER_DOCUMENT = 'mongoengine.django.auth.User'
SESSION_ENGINE = 'mongoengine.django.sessions'
SESSION_SERIALIZER = 'mongoengine.django.sessions.BSONSerializer'
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
)
ROOT_URLCONF = 'questiveAuth.urls'
WSGI_APPLICATION = 'questiveAuth.wsgi.application'
from mongoengine import *
connect('questAuth')
# Database
# https://docs.djangoproject.com/en/1.7/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.dummy'
}
}
TEMPLATE_CONTEXT_PROCESSORS = (
'django.contrib.auth.context_processors.auth',
)
# Internationalization
# https://docs.djangoproject.com/en/1.7/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.7/howto/static-files/
STATIC_URL = '/static/'
您忘记告诉Django使用mongoengine后端。
在您的settings.py文件中添加以下内容:
AUTHENTICATION_BACKENDS = (
'mongoengine.django.auth.MongoEngineBackend',
)
用您的代码进行了测试,它按预期工作。