我创建了一个身份验证后端,允许用户使用其用户名,密码和机构ID登录。尽管用户可以登录,但无法使用login_required装饰访问视图。当我登录该站点时,它会重定向到以下URL:“ http://xxx.xx.xx.x:xxxx/accounts/login/?next=/accounts/rhome/”。此外,我无法在html模板中获取{{user.username}}。在这种情况下,如何在特定视图上设置身份验证限制(或login_requied装饰)?任何建议将不胜感激。
这是我尝试过的。 backends.py:
class AuthBackend(object):
supports_object_permissions = True
supports_anonymous_user = False
supports_inactive_user = False
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
def authenticate(self, username=None, password=None, institute_id=None):
try:
userid = User.objects.get(username=username)
profile = Profile.objects.get(
Q(user_id=userid.id) & Q(institute_id=institute_id)
)
user = User.objects.get(id = profile.user_id)
if user.check_password(password):
return user
except ObjectDoesNotExist:
return None
View.py:
from django.shortcuts import render, redirect, get_object_or_404
from django.contrib.auth import login as auth_login, logout, authenticate
from django.contrib.auth.models import User
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse, HttpResponseRedirect
from .backends import AuthBackend
def user_login_view(request):
if request.method == 'POST':
institute_id = request.POST.get('institute_id')
username = request.POST.get('username')
password = request.POST.get('password')
user = AuthBackend.authenticate(request, username=username, password=password, institute_id=institute_id)
if user:
if user.is_active:
auth_login(request, user, backend='fileupload_project.accounts.backends.AuthBackend')
return redirect("accounts:rhome")
else:
return HttpResponse("Your account is disabled.")
else:
messages.error(request, 'Invalid login details supplied')
return HttpResponseRedirect(reverse('accounts:login'))
else:
return render(request, 'accounts/login.html', {})
@login_required
def home(request):
return render(request, 'accounts/index.html')
urls.py:
app_name = 'accounts'
urlpatterns = [
url(r'^login/$', views.user_login_view, name='login'),
url(r'^rhome/$', views.home, name='rhome'),]
Settings.py:
LOGIN_URL = '/accounts/login'
LOGIN_REDIRECT_URL = '/accounts/rhome/'
LOGOUT_REDIRECT_URL = '/accounts/logout/'
#Authentication backends
AUTHENTICATION_BACKENDS = (
'accounts.backends.AuthBackend',
'django.contrib.auth.backends.ModelBackend',)
Template / login.html:
<form id="login_form" method="post" action="{% url 'accounts:login' %}">
{% csrf_token %}
<br><br>
<div class="avatar">
<img alt="Avatar" height="180" src="{% static 'accounts/images/avatar.jpg' %}" width="180">
</div>
<h2 class="text-center">User Login</h2>
<div class="form-group">
<input id="institute_id" type="text" class="form-control" name="institute_id" placeholder="Center ID" required="required">
</div>
<div class="form-group ">
<input id="username" type="text" class="form-control" name="username" placeholder="Username" required="required">
</div>
<div class="form-group">
<input id="password" type="password" class="form-control" name="password" placeholder="Password" required="required">
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary btn-lg btn-block">Sign in</button>
{% if messages %}
{% for message in messages %}
<p class="alert alert-warning" >{{ message }}</p>
{% endfor %}
{% endif %}
</div>
<div class="clearfix">
<label class="pull-left checkbox-inline"><input type="checkbox"> Remember me</label>
<a href="#" class="pull-right">Forgot Password?</a>
</div>
</form>