[英]In Django, after a login how can I detect which auth backend authenticated the user?
I'm trying to distinguish between a couple of Django authentication backends (which are external packages and I preferably don't want to modify them) in my views.我试图在我的视图中区分几个 Django 身份验证后端(它们是外部包,我最好不想修改它们)。
django.contrib.auth
docs says auth backends ( settings.AUTHENTICATION_BACKENDS
) will be tried in order and the first that does authenticate, will return and set request.user
and if any raises an exception, authentication is refused. django.contrib.auth
文档说 auth 后端( settings.AUTHENTICATION_BACKENDS
)将按顺序尝试,第一个进行身份验证的将返回并设置request.user
,如果任何引发异常,身份验证将被拒绝。 But it does not say how can I distinguish between requests depending on which backend has authenticated the user.但它没有说明如何根据哪个后端对用户进行身份验证来区分请求。
Is this possible?这可能吗? and how?
以及如何?
As explained in Django docs for authentication backends settings :正如Django 文档中关于身份验证后端设置的解释:
Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for the duration of that session whenever access to the currently authenticated user is needed.
用户通过身份验证后,Django 存储用于在用户会话中对用户进行身份验证的后端,并在需要访问当前身份验证的用户时在该会话期间重新使用相同的后端。 This effectively means that authentication sources are cached on a per-session basis
这实际上意味着身份验证源在每个会话的基础上进行缓存
Actually, this information is stored when function login(request, user, backend=None)
is used (see django.contrib.auth.__init__.py
).实际上,此信息是在使用函数
login(request, user, backend=None)
时存储的(请参阅django.contrib.auth.__init__.py
)。 After user has been authenticated, following session information are stored:用户通过身份验证后,将存储以下会话信息:
SESSION_KEY = '_auth_user_id'
BACKEND_SESSION_KEY = '_auth_user_backend'
HASH_SESSION_KEY = '_auth_user_hash'
# [...]
request.session[SESSION_KEY] = user._meta.pk.value_to_string(user)
request.session[BACKEND_SESSION_KEY] = backend
request.session[HASH_SESSION_KEY] = session_auth_hash
So, you should check current request's session for key BACKEND_SESSION_KEY
to find the backend used to authenticate user.因此,您应该检查当前请求的会话以获取密钥
BACKEND_SESSION_KEY
以找到用于验证用户身份的后端。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.