我遇到了这样的问题。我正在开发在Apache / mod_wsgi上托管的Django应用程序。
我根据以下内容用 REMOTE_USER 身份验证替换了标准的Django身份验证:https://docs.djangoproject.com/en/1.8/howto/auth-remote-user/
当用户请求时,我希望从Apache mod_auth_vas服务(我在服务器上运行)获得有效用户: mysite.my/login
所以,我的wsgi.conf如下所示,我在 mysite.my/login 上获得了验证用户的提示:
WSGIApplicationGroup %{GLOBAL}
WSGIPythonHome /proj/tool/appl/portal/.venv
WSGIScriptAlias / /proj/tool/appl/portal/portal/wsgi.py
WSGIDaemonProcess portal python-path=/proj/tool/appl/portal/.venv/lib/python3.4/site-packages processes=1 threads=60 graceful-timeout=30 maximum-requests=1000 restart-interval=0 header-buffer-size=32768
WSGIProcessGroup portal
WSGISocketPrefix /tmp/wsgi
LogLevel debug
ErrorLog "/proj/weblogs/backendlogs/portal/apache/server1/wsgi/error.log"
CustomLog "/proj/weblogs/backendlogs/portal/apache/server1/wsgi/access.log" combined
#Timeout 600
<Directory /proj/tool/appl/portal/portal>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
<Location "/login">
Order deny,allow
Allow from all
AllowOverride AuthConfig Limit FileInfo Indexes
AuthType VAS
AuthVASUseBasic on
AuthName "[ Enter Windows Password ]"
Require valid-user
</Location>
提示无效: How prompt looks like
问题是:
登录网址后:mysite.my/login Django session.user是正确的(AuthenticatedUser),而SESSION_KEY 不是无值:
urls.py
from django.conf.urls import url
urlpatterns = [
url(r'^index', views.index, name='index')
url(r'^login', views.login, name='login'),
]
views.py
def login(request, node):
user = request.user
session_key = request.session.session_key
return HttpResponse("User is: {}<br />"
"SessionKey is: {}<br />"
.format(user, session_key))
def index(request, node):
user = request.user
session_key = request.session.session_key
return HttpResponse("User is: {}<br />"
"SessionKey is: {}<br />"
.format(user, session_key))
mysite.my/login登录结果如下:
用户是:AuthenticatedUser
SessionKey是:pobrdspueqwopyu4ch6e07ziipi6zn2k
但是那之后我去的时候到了mysite.my/index意外地Django没有看到 用户和session_key之类的(Lost SESSION?):
mysite.my/index
Result when go to another url than /login
用户是:
SessionKey是:无
我不知道为什么会这样。我试图在模板中读取cahching,读取会话,但一切都不起作用。我还是去了另一个网站而不是mysite.my/login会话消失了。
我的settings.py:
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'OPTIONS': {
'context_processors': [
"django.contrib.auth.context_processors.auth",
"django.template.context_processors.debug",
"django.template.context_processors.i18n",
"django.template.context_processors.media",
"django.template.context_processors.static",
"django.template.context_processors.tz",
"django.contrib.messages.context_processors.messages",
"django.core.context_processors.request",
"django.template.context_processors.request",
],
'debug': DEBUG,
'loaders': [
'django.template.loaders.filesystem.Loader',
'django.template.loaders.app_directories.Loader',
]
}
}
]
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
# RemoteUser https://docs.djangoproject.com/en/1.8/howto/auth-remote-user/
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.RemoteUserMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
)
AUTHENTICATION_BACKENDS = [
"django.contrib.auth.backends.RemoteUserBackend"
]
SESSION_ENGINE = "django.contrib.sessions.backends.db"
# Python dotted path to the WSGI application used by Django's runserver.
WSGI_APPLICATION = 'portal.wsgi.application'
ROOT_URLCONF = 'portal.urls'
INSTALLED_APPS = [
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'crispy_forms',
]
我的问题是:
当我去另一个网址时,为什么Django会丢失会话数据? 当我在本地运行时
manage.py runserver
会话正常运作。
提前感谢您的帮助。
如果我能纠正有问题的话,请告知。这是我第一次问这里。