简体繁体 English

如何从Drupal对Django进行身份验证？

[英]How to authenticate against Django from Drupal?

原文 2011-02-18 15:27:33 3 3 django/ performance/ drupal/ authentication

I have a medium sized Drupal 6 site running (around 5 million page views per month and more than 30K registered users) and I need to integrate OSQA, a Django application, with it. 我有一个中等大小的Drupal 6站点运行（每月大约500万页面浏览量和超过30K注册用户），我需要集成OSQA，一个Django应用程序。 I already have many users, roles and permissions in my Drupal database and I'd like to point the Django app to use the sign up and login pages I already have in Drupal to give my users a single point on entrance. 我已经在Drupal数据库中拥有许多用户，角色和权限，我想指出Django应用程序使用我在Drupal中已有的注册和登录页面来为我的用户提供入口处的单点。

I want to keep the Django authentication part because I think OSQA would work better. 我想保留Django身份验证部分，因为我认为OSQA可以更好地工作。 I also have performance reasons in mind, the Drupal site already gets a lot of traffic and has a very busy database and I think that using a separate database for Django would help. 我还有性能原因，Drupal站点已经获得了大量流量，并且拥有一个非常繁忙的数据库，我认为为Django使用单独的数据库会有所帮助。

After some research I think I could make the Drupal sign up and login pages call Django in the background to sign up or login to the Django app. 经过一些研究后，我想我可以让Drupal注册并登录页面在后台调用Django来注册或登录Django应用程序。 I plan to do this writing a couple of views in Django, one for sign up and another for login, and Drupal would post the username and password to those views. 我计划在Django中编写一些视图，一个用于注册，另一个用于登录，Drupal会将用户名和密码发布到这些视图。 Of course I'd need to disable CSRF in Django for those views and probably also post some secret key that only my Drupal and Django applications know about to avoid external sites trying to use this "unprotected" Django views. 当然我需要在Django中为这些视图禁用CSRF，并且可能还发布一些秘密密钥，只有我的Drupal和Django应用程序才知道要避免外部站点试图使用这种“不受保护的”Django视图。

I know that my Django application may need some user data from Drupal at some points and I'm planning on using the Drupal services module for that. 我知道我的Django应用程序在某些时候可能需要Drupal的一些用户数据，而我正在计划使用Drupal服务模块。

Would this be a good approach? 这会是一个好方法吗？ Any suggestions? 有什么建议么？

Thanks a lot! 非常感谢！

3 个解决方案

Are there any plugins for OSQA to expose an authentication service that Drupal can talk to? OSQA是否有任何插件可以公开Drupal可以与之通信的身份验证服务？ (OpenID or similar). （OpenID或类似）。

Alternatively, check out Drupal's ldap_integration module for an example of a module that uses an external authentication service. 或者，查看Drupal的ldap_integration模块，以获取使用外部身份验证服务的模块示例。 Consider that you will need to create Drupal user accounts for each login. 考虑您需要为每次登录创建Drupal用户帐户。

Finally, why not just build the essential parts of OSQA's functionality with Drupal? 最后，为什么不用Drupal构建OSQA功能的基本部分呢？ Seems like the key functionality could be replicated quite easily using Taxonomy, Vote Up and Userpoints/User Badges... potentially easier to do than shared authentication, especially on a large site. 似乎可以使用Taxonomy，Vote Up和Userpoints / User Badges轻松复制关键功能......可能比共享身份验证更容易，特别是在大型站点上。

I once created a very simple [sql_authentication][1] module, which you can probably simply re-create for a more recent version of Drupal. 我曾经创建了一个非常简单的[sql_authentication] [1]模块，您可以简单地为更新版本的Drupal重新创建。

The idea is simple: provide Drupal with an alternative authentication callback. 这个想法很简单：为Drupal提供另一种身份验证回调。 In that callback-function, just check against the Django database, and return TRUE if you think the user is correct. 在该回调函数中，只需检查Django数据库，如果您认为用户是正确的，则返回TRUE。

You could look at how openid.module (in core) extends the user-authentication for a simple example. 您可以看一下openid.module（在核心中）如何扩展用户身份验证的简单示例。

If you can post to the Django form, you may be able to use drupal_http_request to handle the call to Django. 如果你可以发布到Django表单，你可以使用drupal_http_request来处理对Django的调用。 After using the ldap_integration module for a while, I worked on a custom authentication module that calls a Java-based REST authentication API using drupal_http_request. 在使用ldap_integration模块一段时间之后，我使用了一个自定义身份验证模块，该模块使用drupal_http_request调用基于Java的REST身份验证API。 If you're interested in the code, let me know. 如果您对代码感兴趣，请告诉我。