15

我想创建一个身份验证后端,允许用户仅使用他们的电子邮件(无用户名,无密码)登录。

这是我尝试过的。

后端.py:

from django.conf import settings
from django.contrib.auth.models import User

class EmailAuthBackend(object):    
    def authenticate(self, username=None, password=None):
        try:
            user = User.objects.get(email=username)
            if user:
                return user
        except User.DoesNotExist:
            return None

设置.py:

  AUTHENTICATION_BACKENDS = (
       'path_to.backends.EmailAuthBackend',
       'django.contrib.auth.backends.ModelBackend',
      )

html:

   <form  method="post" action="{% url myproject.views.test %}">
    {% csrf_token %}

        <input type="text" name="email" value=""/>

    <button type="submit">Valider</button>

    </form>

看法:

 def test(request):
    email = ''
    if 'email' in request.POST:
        email = request.POST.get('email')
        if not User.objects.filter(email=email):
            User.objects.create(email=email)
        user = authenticate(username=email)
        if user is not None:
            if user.is_active:
                auth_login(request, user)
    return HttpResponseRedirect(reverse('home'))

它不起作用,用户未通过身份验证。当我转到 /admin 时,我也遇到了这个错误:

    AttributeError at /admin/logout/
    'EmailAuthBackend' object has no attribute 'get_user'
4

2 回答 2

22

对于 Django 中的每个自定义后端,您需要指定get_user函数。请参阅文档。该get_user实现可以简单地使用现有的用户表,就像你一样:

def get_user(self, user_id):
   try:
      return User.objects.get(pk=user_id)
   except User.DoesNotExist:
      return None

这是必需的原因是您需要通过其主键从不同来源获取用户的情况。

于 2012-12-19T14:20:54.403 回答
7

虽然Bartek答案是正确的,但我将提供一个示例,说明通过继承ModelBackend.

from django.contrib.auth.backends import ModelBackend

class EmailAuthBackend(ModelBackend):
    def authenticate(self, username=None, password=None, **kwargs):
        try:
            user = User.objects.get(email=username)
            if user.check_password(password):
                return user
        except ObjectDoesNotExist:
            # Run the default password hasher once to reduce the timing
            # difference between an existing and a non-existing user (#20760).
            User().set_password(password)

get_user已经由 实现,并且ModelBackend您将获得许可方法。

于 2014-11-10T20:32:59.057 回答