堆栈内存溢出
  简体   繁体   English

在 Django 中,登录后如何检测哪个身份验证后端对用户进行了身份验证?

[英]In Django, after a login how can I detect which auth backend authenticated the user?

 原文  2017-09-18 05:54:54       python/ django/ authentication

问题描述

I'm trying to distinguish between a couple of Django authentication backends (which are external packages and I preferably don't want to modify them) in my views.我试图在我的视图中区分几个 Django 身份验证后端(它们是外部包,我最好不想修改它们)。 django.contrib.auth docs says auth backends ( settings.AUTHENTICATION_BACKENDS ) will be tried in order and the first that does authenticate, will return and set request.user and if any raises an exception, authentication is refused. django.contrib.auth文档说 auth 后端( settings.AUTHENTICATION_BACKENDS )将按顺序尝试,第一个进行身份验证的将返回并设置request.user ,如果任何引发异常,身份验证将被拒绝。 But it does not say how can I distinguish between requests depending on which backend has authenticated the user.但它没有说明如何根据哪个后端对用户进行身份验证来区分请求。

Is this possible?这可能吗? and how?以及如何?

1 个解决方案

解决方案1
 7 已采纳  2017-09-18 08:08:08

As explained in Django docs for authentication backends settings :正如Django 文档中关于身份验证后端设置的解释

Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for the duration of that session whenever access to the currently authenticated user is needed.用户通过身份验证后,Django 存储用于在用户会话中对用户进行身份验证的后端,并在需要访问当前身份验证的用户时在该会话期间重新使用相同的后端。 This effectively means that authentication sources are cached on a per-session basis这实际上意味着身份验证源在每个会话的基础上进行缓存

Actually, this information is stored when function login(request, user, backend=None) is used (see django.contrib.auth.__init__.py ).实际上,此信息是在使用函数login(request, user, backend=None)时存储的(请参阅django.contrib.auth.__init__.py )。 After user has been authenticated, following session information are stored:用户通过身份验证后,将存储以下会话信息:

SESSION_KEY = '_auth_user_id'
BACKEND_SESSION_KEY = '_auth_user_backend'
HASH_SESSION_KEY = '_auth_user_hash'
# [...]
request.session[SESSION_KEY] = user._meta.pk.value_to_string(user)
request.session[BACKEND_SESSION_KEY] = backend
request.session[HASH_SESSION_KEY] = session_auth_hash

So, you should check current request's session for key BACKEND_SESSION_KEY to find the backend used to authenticate user.因此,您应该检查当前请求的会话以获取密钥BACKEND_SESSION_KEY以找到用于验证用户身份的后端。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在Django的base.html中检查用户是否已通过身份验证? - How can i check if the user is authenticated or not in base.html in django? 用户已注册但登录后未通过身份验证 - User registered but not authenticated after login 我怎样才能使用django.auth.views.login? - How can I use django.auth.views.login? 我如何使用 mysql 上的“用户”表,而不是 django 站点默认的“auth_user”表? - How can i use the “user” table on mysql instead of the “auth_user” table which is the default from the django site? Django allauth未检测到user.is_authenticated - Django allauth does not detect user.is_authenticated 调用auth.login()后,Django用户仍然是AnonymousUser - Django user is still AnonymousUser after calling auth.login() 登录后如何重定向到用户请求的URL-Django loginrequiredmixin - How can I redirect to user requested url after login - Django loginrequiredmixin 我可以使用django-nonrel和自定义身份验证后端吗? - Can I use django-nonrel and a custom auth backend? 我有两个django网站。 如何判断用户是否已通过其中之一进行身份验证? - I have two django sites. How can I tell if a user is already authenticated on one of them? 登录后如何重定向 django.contrib.auth.views.login? - How to redirect django.contrib.auth.views.login after login?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM