堆栈内存溢出
  简体   繁体   English

如何检查Django用户是否仍然只从客户端登录?

[英]How to check if a Django user is still logged in from the client side only?

 原文  2011-08-08 14:27:41       javascript/ django/ cookies/ authentication

问题描述

Security is not an issue here. 安全不是问题。

I need to display 'You are logged in as username' on the page, but don't want to remove the view from the cache just for this so I'm hoping to be able to do it in javascript. 我需要在页面上显示“您以用户名登录”,但不想仅为此删除缓存中的视图,因此我希望能够在javascript中执行此操作。

I don't want to make anything critical with this process, just check if the cookie is still valid, and if it is, display the welcome message, overwise, display the login link. 我不想对此过程做任何重要的事情,只需检查cookie是否仍然有效,如果是,则显示欢迎消息,过度显示登录链接。

The whole point is to not hit the database and spare the server, as we got 120000 users a day on this single machine, so I need: 重点是没有打到数据库并节省服务器,因为我们每天在这台机器上有120000个用户,所以我需要:

  • the name of the django.contrib.auth cookie so I can read it; django.contrib.auth cookie的名称,所以我可以阅读它;
  • the data I'm supposed to read from it to decide the user is still logged in 我应该从中读取数据以确定用户仍然登录
  • a way to extract the username from it 一种从中提取用户名的方法

If I can't find a way to do this, I will fall back to create an authentification backend that set an additional cookie at sign in and deleting it at when logging out. 如果我找不到这样做的方法,我将回过头来创建一个身份验证后端,在登录时设置一个额外的cookie并在注销时删除它。

2 个解决方案

解决方案1
 9 已采纳  2011-08-08 15:17:00

The sessionid cookie exists and has an expiry date. sessionid cookie存在且具有到期日期。 You could check to see if that is still valid which would suggest they are logged it. 您可以检查是否仍然有效,这表明他们已将其记录下来。 You can't get the username this way though, you'll have to add a custom cookie. 您无法以这种方式获取用户名,但您必须添加自定义Cookie。

解决方案2
 2  2015-05-09 22:07:39

Have code like the following in your template. 在模板中包含以下代码。 

{% block top %}<script async="async" defer="defer" type="text/javascript" src="{% static 'users/js/geo.js' %}"

{% if user.is_authenticated %} data-authenticated="true" {% endif %}

></script
>{% endblock %}

And check if your authenticated with code like: 并检查您是否通过以下代码进行了身份验证: 

unsafe_authenticated = 'true' === document.currentScript.dataset.authenticated;

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何检查Parse用户是否从客户端javascript登录? - How do I check if Parse user is logged in from client-side javascript? 检查用户是否在客户端登录 - Check if user has logged in on client side 如何从登录Google登录(仅限客户端的应用程序)中正确获取访问令牌? - How to properly get Access Token from logged in Google Sign In (client-side only app)? 是否可以检查 Parse 用户是否从服务器端登录? - Is it possible to check is Parse user is logged in from the server side? 如何使用 Firebase 从云 function 端查找用户是否已登录? - How to find user is logged in or not from cloud function side using Firebase? 如何仅在用户登录时运行 ajax。(Django) - How to run ajax only when user is logged in. (Django) 如何确定用户是否仍在使用 PingFederate OpenID Connect 隐式客户端流程登录? - How can I determine if a user is still logged in using the PingFederate OpenID Connect Implicit Client flow? 如何检查用户是否登录然后重定向? - How to check if user logged and then redirect? 如何检查用户是否登录到Facebook - How to check if a user is logged in to facebook 如何检查用户是否使用Facebook登录 - How to check if a user is logged in with Facebook
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM