Django user is still AnonymousUser after calling auth.login()

Question

I'm trying to log in a user after they scan an RFID tag on their ID badge, however after calling auth.login() , the user is not logged in, and request.user is still AnonymousUser .

I'm using the following view to authenticate the user:

def login(request):
    if request.method == 'POST':
        form = LoginForm(request.POST)
        if form.is_valid():
            try:
                Models.People.objects.get(id_badge=form.cleaned_data['badge_number'], deleted=False, system_user=True)
            except Models.People.DoesNotExist:
                form.add_error('badge_number', 'Badge number not recognised')
                return render(request, 'login.html', {'form':form})
            user = user.authenticate(id_badge=form.cleaned_data['badge_number'])
            if user is not None:
                auth.login(request, user)
                return redirect(reverse('main-menu'))
            else:
                form.add_error('badge_number', 'Badge number not recognised')
    else:
        form = LoginForm()
    return render(request, 'login.html', {'form': form})

I also have a custom authentication backend to check the badge numbers:

class RFIDBackend(object):
    def authenticate(id_badge=None):
        try:
            person = Models.People.objects.get(info1=id_badge, deleted=False, system_user=True)
        except Models.People.DoesNotExist, Models.People.MultipleValuesReturned:
            return None
        try:
            user = User.objects.get(username=person.login)
        except User.DoesNotExist:
            return None
        if user.is_active:
            return user
        return None

    def get_user(id_badge=None):
        try:
            person = Models.People.objects.get(info1=id_badge, deleted=False, system_user=True)
        except Models.People.DoesNotExist, Models.People.MultipleValuesReturned:
            return None
        try:
            user = User.objects.get(username=person.login)
        except User.DoesNotExist:
            return None
        return user

When trying to log in, the user is successfully redirected to the menu page, but then the template raises an error when it tries to put their name on the page:

'AnonymousUser' object has no attribute 'first_name'

Answer 1

它应该是cleaned_data而不是cleaned_date吗？

Models.People.objects.get(id_badge=form.cleaned_data['badge_number'], deleted=False, system_user=True)

Answer 2

Your get_user method should take the primary key of the user, not the id_badge . Since you are using the built in user, you could use the same implementation as Django's ModelBackend .

from django.contrib.auth import get_user_model

class RFIDBackend(object):
    ...
    def get_user(self, user_id):
        UserModel = get_user_model()
        try:
            return UserModel._default_manager.get(pk=user_id)
        except UserModel.DoesNotExist:
            return None

You try extending this to do the checks on the deleted and system_user fields. If you do this, test to make sure it works as expected when a user is deleted, I'm not 100% sure it will lead to the user being logged out.