1

这是我的 views.py 文件

class UserAPIView(TemplateView, ListCreateAPIView):
    serializer_class = UserSerializer
    queryset = UserProfile.objects.all()
    template_name = 'users/login.html'

    def post(self, request, *args, **kwargs):
        if self.find_password_and_user(request):
            return HttpResponseRedirect(reverse('user:home'))
        else:
            return HttpResponse("False")

    def find_password_and_user(self, request):
        print(request)
        post_username = request.data.get('username')
        post_password = request.data.get('password')
        user = authenticate(username=post_username, password=post_password)
        if user is not None:
            # login(request, user)
            # =====
            backend = None
            session_auth_hash = ''
            if hasattr(user, 'get_session_auth_hash'):
                session_auth_hash = user.get_session_auth_hash()

            if SESSION_KEY in request.session:
                if _get_user_session_key(request) != user.pk or (
                        session_auth_hash and
                        not constant_time_compare(request.session.get(HASH_SESSION_KEY, ''), session_auth_hash)):
                    # To avoid reusing another user's session, create a new, empty
                    # session if the existing session corresponds to a different
                    # authenticated user.
                    request.session.flush()
            else:
                request.session.cycle_key()

            try:
                backend = backend or user.backend
            except AttributeError:
                backends = _get_backends(return_tuples=True)
                if len(backends) == 1:
                    _, backend = backends[0]
                else:
                    raise ValueError(
                        'You have multiple authentication backends configured and '
                        'therefore must provide the `backend` argument or set the '
                        '`backend` attribute on the user.'
                    )
            else:
                if not isinstance(backend, str):
                    raise TypeError('backend must be a dotted import path string (got %r).' % backend)
            request.session[SESSION_KEY] = user._meta.pk.value_to_string(user)
            request.session[BACKEND_SESSION_KEY] = backend
            request.session[HASH_SESSION_KEY] = session_auth_hash
            if hasattr(request, 'user'):
                request.user = user
            rotate_token(request)
            user_logged_in.send(sender=user.__class__, request=request, user=user)
            # =====

            user = UserProfile.objects.filter(username=post_username)
            u_password = user.values('password')[0].get('password')
            return check_password(post_password, u_password)
        return False

如何在一个浏览器中同时登录多个用户 默认情况下,新登录用户的会话将覆盖之前用户的会话。(在 Django_session 表中,会覆盖之前登录用户的 session。)如果是不同的浏览器,则不会被覆盖。简而言之,同一个浏览器只能同时登录一个用户。网上有办法把session改成列表,但是一点头绪都没有。我没办法。非常感谢。

4

1 回答 1

0

上面的答案有两个步骤。我应该说错话了。但是我已经将近一天没有找到解决这个问题的方法。这是我第一次使用栈溢出,也是一个纪念。哈哈。谢谢

于 2020-11-23T13:58:06.007 回答