Question

以下是我的自定义用户模型：

 class CUserManager(BaseUserManager):

        def _create_user(self, email, first_name, password,
                         is_staff, is_superuser, **extra_fields):
            """
        Creates and saves a User with the given email and password.
        """
        now = timezone.now()
        if not email:
            raise ValueError('The given email must be set')
        email = self.normalize_email(email)
        user = self.model(email=email,
                          first_name = first_name,
                          is_staff=is_staff, is_active=False,
                          is_superuser=is_superuser, last_login=now,
                          date_joined=now, **extra_fields)
        user.set_password(password)
        user.save(using=self._db)
        return user

    def create_user(self, email, first_name, password=None, **extra_fields):
        return self._create_user(email, first_name, password, False, False,
                                 **extra_fields)

    def create_superuser(self, email, first_name, password, **extra_fields):
        return self._create_user(email, first_name, password, True, True,
                                 **extra_fields)


class CUser(AbstractBaseUser, PermissionsMixin):
    email = models.EmailField(_('email address'), max_length=254, unique=True)
    first_name = models.CharField(_('first name'), max_length=30)
    last_name = models.CharField(_('last name'), max_length=30, blank=True)
    is_staff = models.BooleanField(_('staff status'), default=False,
        help_text=_('Designates whether the user can log into this admin '
                    'site.'))
    is_active = models.BooleanField(_('active'), default=False,
        help_text=_('Designates whether this user should be treated as '
                    'active. Unselect this instead of deleting accounts.'))
    date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
    last_updated = models.DateTimeField(_('last updated'), default=timezone.now)

    objects = CUserManager()

    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = ['first_name', 'last_name']

正确创建新用户。但是当我尝试从shell或视图中验证用户时，authenticate（）函数对于is_active=False的用户不起作用。

>>> from django.contrib.auth import get_user_model, auhtenticate
>>> u = get_user_model()
>>> authenticate(username='abc@gmail.com', password='abc)

如果用户处于非活动状态，则上述行不返回任何内容，否则返回用户对象。我不明白为什么它不为非活动用户返回任何内容。

Answer 1

这是因为django的身份验证工作原因。 By default它使用ModelBackend来检查is_active https://docs.djangoproject.com/en/1.10/ref/contrib/auth/#django.contrib.auth.backends.ModelBackend.get_user_permissions

因此，您可以创建自定义身份验证后端，忽略此选项 https://docs.djangoproject.com/en/1.10/topics/auth/customizing/#writing-an-authentication-backend

Answer 2

您好您可以为此问题编写自定义后端。

from django.contrib.auth.models import check_password
from django.contrib.auth.models import User

from apps.staffs.models import Staff(Custom User)


class StaffBackend:

    # Create an authentication method
    # This is called by the standard Django login procedure
    def authenticate(self, username=None, password=None):

        try:
            # Try to find a user matching your username
            user = Staff.objects.get(username=username)

            #  Check the password is the reverse of the username
            if check_password(password, user.password):
                # Yes? return the Django user object
                return user
            else:
                # No? return None - triggers default login failed
                return None
        except Staff.DoesNotExist:
            # No user was found, return None - triggers default login failed
            return None

    # Required for your backend to work properly - unchanged in most scenarios
    def get_user(self, user_id):
        try:
            return Staff.objects.get(pk=user_id)
        except Staff.DoesNotExist:
            return None

django authenticate（）用于自定义用户模型

2 个答案: