我有一个自定义用户模型,想用它进行身份验证。模型定义如下:
class GalaxyUser(AbstractBaseUser):
    """Custom user model mapped onto the existing ``galaxy_user`` table.

    Users log in with their e-mail address (``USERNAME_FIELD``).

    NOTE(review): ``email`` is the USERNAME_FIELD but is not declared
    ``unique=True``; Django expects the identifying field to be unique, and a
    lookup by e-mail can otherwise match more than one row.
    NOTE(review): ``check_password()`` compares against Django's encoded hash
    format; confirm what format the legacy ``password`` column actually holds.
    """

    # Kept for reference: these columns were tried and then disabled.
    # id = models.IntegerField(primary_key=True)
    # identifier = models.CharField(max_length=40, unique=True, db_index=True)
    username = models.CharField(db_index=True, max_length=90, unique=True)
    create_time = models.DateTimeField(blank=True, null=True)
    update_time = models.DateTimeField(blank=True, null=True)
    email = models.CharField(max_length=225)
    # AbstractBaseUser already declares ``password`` and ``last_login``, so the
    # local declarations stay disabled.
    # password = models.CharField(max_length=120)
    external = models.IntegerField(blank=True, null=True)
    deleted = models.IntegerField(blank=True, null=True)
    purged = models.IntegerField(blank=True, null=True)
    form_values_id = models.IntegerField(blank=True, null=True)
    disk_usage = models.DecimalField(
        blank=True,
        decimal_places=0,
        max_digits=16,
        null=True,
    )
    # last_login = models.TextField(max_length=255)

    objects = UserManager()

    USERNAME_FIELD = 'email'

    class Meta:
        db_table = u'galaxy_user'
我有自定义身份验证后端:
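class AuthBackend:
    """Authentication backend that accepts either an e-mail address or a username.

    NOTE(review): ``User`` must resolve to the project's custom user model
    (``GalaxyUser`` on this page); how it is imported is not visible here.
    """

    def authenticate(self, username=None, password=None):
        """Return the matching user if the password checks out, else ``None``.

        Args:
            username: Login identifier; treated as an e-mail address when it
                contains ``@``, otherwise as a username.
            password: The raw password as typed. ``check_password()`` does the
                hashing, so the caller must not hash it first.

        Returns:
            The user instance on success, ``None`` for missing credentials,
            unknown or ambiguous accounts, and wrong passwords.
        """
        # Django may call a backend without credentials; `'@' in None` would
        # raise TypeError instead of simply declining to authenticate.
        if username is None or password is None:
            return None

        lookup = {'email': username} if '@' in username else {'username': username}
        try:
            user = User.objects.get(**lookup)
        except (User.DoesNotExist, User.MultipleObjectsReturned):
            # The e-mail column is not unique, so a lookup can be ambiguous;
            # fail closed rather than raise or pick an arbitrary account.
            # Unknown accounts return without running a password hash, so they
            # answer faster than a wrong password; Django's ModelBackend runs
            # the hasher for missing users to narrow that gap.
            return None

        if user.check_password(password):
            return user
        return None

    def get_user(self, user_id):
        """Return the user with primary key *user_id*, or ``None`` if it is gone."""
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None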
视图中的login_backend函数如下所示:
def login_backend(request):
    """Render the login form on GET; on POST, try to log the user in.

    A successful login redirects to ``/overview/``; a failed one re-renders the
    form with a generic error in ``state``.
    """
    if request.method != 'POST':
        return render_to_response(
            'login_backend.html',
            context_instance=RequestContext(request),
        )

    username = request.POST['username']
    raw_password = request.POST['password']
    # NOTE(review): this digest is what the backend receives as the
    # "password", so check_password() hashes the SHA-1 hex string instead of
    # what the user typed and the comparison cannot succeed. An unsalted SHA-1
    # is also not a suitable password hash.
    password = hashlib.sha1(raw_password).hexdigest()
    user = authenticate(username=username, password=password)

    if user is None:
        # One message for both failure modes: it does not reveal whether the
        # account exists.
        state = "Username or Password Incorrect!"
        return render_to_response(
            'login_backend.html',
            {'state': state},
            context_instance=RequestContext(request),
        )

    login(request, user)
    return HttpResponseRedirect('/overview/')
尽管输入了正确的用户名和密码,但我无法登录。有什么问题?
修改
# Route /overview/ to the file listing view.
# NOTE(review): the pattern has no trailing `$`, so any path that starts with
# "overview/" resolves to this view.
url(r'^overview/', 'fileupload.views.show_files')
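def _int_query_param(request, name, default):
    """Return query parameter *name* as an int, or *default* if absent or invalid.

    Repeated values are concatenated before conversion, as this view has always
    done (``?page=1&page=2`` yields 12).
    """
    values = request.GET.getlist(name)
    if not values:
        return default
    try:
        return int(''.join(values))
    except ValueError:
        # The query string is client-controlled; a non-numeric value used to
        # escape as an unhandled ValueError (only OSError is caught below).
        return default


def _selected_flags(limit, suffix=''):
    """Map each page-size option name to 'selected' if it equals *limit*, else ''."""
    options = (
        (10, 'ten'),
        (20, 'twenty'),
        (50, 'fifty'),
        (100, 'hundred'),
        (200, 'two_hundred'),
    )
    return dict(
        (name + suffix, 'selected' if limit == size else '')
        for size, name in options
    )


@login_required(login_url='/login_backend/')
def show_files(request):
    """Render the overview page for the logged-in user.

    Every query is filtered by ``request.user.id``, so a user only sees their
    own finished files and queue entries. ``page``/``limit`` and
    ``page2``/``limit2`` come from the query string and default to 1 and 4.

    If reading a file size on disk fails with ``OSError``, a reduced context
    (file list, totals, username) is rendered instead.

    NOTE(review): ``limit``/``limit2`` are passed to the template unbounded;
    if they are used as page sizes there, cap them.
    """
    try:
        log_id = request.user.id
        username = request.user.username

        recent_files = File.objects.filter(users_id=log_id, flag='F', flag_r='S')
        total_files = File.objects.filter(users_id=log_id, flag='F').count()
        finished_files = File.objects.filter(users_id=log_id, flag='F')
        total_size = humansize(
            sum([convert_byte(str(item.size)) for item in finished_files])
        )

        page = _int_query_param(request, 'page', 1)
        limit = _int_query_param(request, 'limit', 4)
        page2 = _int_query_param(request, 'page2', 1)
        limit2 = _int_query_param(request, 'limit2', 4)

        current_file = Queue.objects.filter(user_id=log_id)
        current_time = time.time()
        durations = [
            current_time - float(str(entry.time_overview))
            for entry in current_file
        ]
        size_overs = [int(str(entry.size)) for entry in current_file]
        # flag_email '1' becomes the HTML attribute 'checked', '0' becomes ''.
        email_notify = [
            str(entry.flag_email).replace('0', '').replace('1', 'checked')
            for entry in current_file
        ]

        # NOTE(review): file_session is concatenated into a glob pattern
        # unescaped; confirm it is server-generated and cannot contain path
        # separators or glob metacharacters.
        patterns = [
            '/home/zurelsoft/files/' + str(entry.file_session) + '*'
            for entry in current_file
        ]
        change_size = [
            int(os.path.getsize(path))
            for pattern in patterns
            for path in glob.glob(pattern + '*')
        ]

        queue_count = Queue.objects.filter(user_id=log_id).count()
        recent_count = File.objects.filter(
            users_id=log_id, flag='F', flag_r='S'
        ).count()

        context = {
            'queue_count': queue_count,
            'recent_count': recent_count,
            'page2': page2,
            'limit2': limit2,
            'page': page,
            'limit': limit,
            'email_notify': email_notify,
            'change_size': change_size,
            'duration': durations,
            'size_over': size_overs,
            'overview': current_file,
            'overview_files': recent_files,
            'total_files': total_files,
            'total_size': total_size,
            'username': username,
        }
        context.update(_selected_flags(limit))
        context.update(_selected_flags(limit2, '2'))
        return render_to_response(
            'overview.html',
            context,
            context_instance=RequestContext(request),
        )
    except OSError:
        # A file can disappear between glob() and getsize(); fall back to the
        # parts of the page that do not depend on the filesystem.
        return render_to_response(
            'overview.html',
            {
                'overview_files': recent_files,
                'total_files': total_files,
                'total_size': total_size,
                'username': username,
            },
            context_instance=RequestContext(request),
        )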
答案 0 :(得分:1)
您不应该在视图中对提交的密码进行散列。当您调用 User.check_password 方法时,后端会为您执行此操作。
答案 1 :(得分:1)
视图中的更改
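def login_backend(request):
    """Render the login form on GET; on POST, try to log the user in.

    A successful login redirects to ``/overview/``; a failed one re-renders the
    form with a generic error in ``state``.
    """
    if request.method != 'POST':
        return render_to_response(
            'login_backend.html',
            context_instance=RequestContext(request),
        )

    # A POST without these fields is treated as a failed login instead of
    # raising a KeyError.
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')

    # Pass the password exactly as typed: the backend's check_password() does
    # the hashing. The earlier hashlib.sha1(password).hexdigest() step made the
    # backend compare against a hash of the digest, which never matched.
    user = authenticate(username=username, password=password)

    if user is None:
        # One message for both failure modes: it does not reveal whether the
        # account exists.
        state = "Username or Password Incorrect!"
        return render_to_response(
            'login_backend.html',
            {'state': state},
            context_instance=RequestContext(request),
        )

    login(request, user)
    return HttpResponseRedirect('/overview/')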