我已经覆盖了我的身份验证,以允许任何拥有 ldap 条目的人无需密码即可登录。它适用于登录屏幕的管理员版本,但不适用于基于 auth_views.login 的版本(auth_views.login 只是在提交后刷新到相同的登录表单。)
我在 ExistsInLDAP.authenticate() 方法中添加了一个调试断点,它会中断 django 管理员登录,但不会中断我的 auth_views.login,所以我的胶水代码/配置有问题,而不是代码本身......我思考。
网址.py:
url(r'^accounts/login/$', auth_views.login, name='login'),
设置.py
AUTHENTICATION_BACKENDS = (
'misc.auth.ExistsInLDAP',
'django.contrib.auth.backends.ModelBackend',
)
AUTH_PROFILE_MODULE = "account.UserProfile"
杂项/auth.py:
class ExistsInLDAP(ModelBackend):
"""
Django authentication plugin to just check if user is in ldap.
"""
def authenticate(self, username=None, password=None):
"""
Validate the user is in ldap. Password is ignored.
"""
[ ldap checking ....]
user, created = User.objects.\
get_or_create(username=username,
defaults={
'first_name': r['givenName'][0],
'last_name': r['sn'][0],
'email': r['mail'][0],
'is_superuser': True,
'is_staff': True,
'password': '!',
})
if created:
user.set_unusable_password()
return user
登录模板:
{% extends "base.djhtml" %}
{% block title %}Login{% endblock %}
{% block content %}
<div class="row">
<div class="col-md-10 col-md-offset-1">
<form role="form" method="post" action="{% url django.contrib.auth.views.login %}">
{% csrf_token %}
{% if form.errors %}
<p class="form-error login-form-error">
{{ form.get_error }}
</p>
{% endif %}
<div class="form-group">
<label for="{{ form.username.id }}">{{ form.username.label_tag }}:</label>
{{ form.username }}@vmware.com
<br>
{% comment %}XXX: group has decided passwords aren't needed.{% endcomment %}
<input type="text" hidden="true" value="1234567890" id="{{ form.password.id_for_label }}"/>
<input type="hidden" name="next" value="{{ next }}" />
</div>
<button type="submit" class="btn btn-default">Login</button>
</form>
</div>
</div>
{% endblock %}