Django url令牌身份验证无法对用户进行身份验证
我无法在注册时验证我的用户。我发现一次性链接令牌身份验证的解决方案是篡改ModelBackend。您可以看到基本解决方案,我将粘贴我的实现,因为我使用CBV进行视图 自定义模型后端: 认证中间件在这里注册Django url令牌身份验证无法对用户进行身份验证,django,Django,我无法在注册时验证我的用户。我发现一次性链接令牌身份验证的解决方案是篡改ModelBackend。您可以看到基本解决方案,我将粘贴我的实现,因为我使用CBV进行视图 自定义模型后端: 认证中间件在这里注册 AUTHENTICATION_BACKENDS = ( 'business_accounts.backends.UrlTokenBackend', # Needed to login by username in Django admin, regardless of `al
AUTHENTICATION_BACKENDS = (
'business_accounts.backends.UrlTokenBackend',
# Needed to login by username in Django admin, regardless of `allauth`
'django.contrib.auth.backends.ModelBackend',
# `allauth` specific authentication methods, such as login by e-mail
'allauth.account.auth_backends.AuthenticationBackend',
)
自定义视图为:
from django.contrib.auth import authenticate, login
from django.shortcuts import redirect
from django.views.generic import View
class UrlGatewayLogin(View):
def get(self, request):
token = request.GET.get('token')
user = authenticate(token=token)
login(request, user)
return redirect('dashboard')
网址是
urlr“^auth/login/”,UrlGatewayLogin.as_视图,name='auth-login'
现在,我将为登录构建一个url,如http:/localhost:8000/auth/login/?token=12323344,这样整个过程只需通过此链接登录用户并将其重定向到仪表板。
登录名显示此错误:
Environment:
Request Method: GET
Request URL: http://localhost:8888/auth/login/?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MjYzNjE5MTksInVzZXJfaWQiOjcwLCJlbWFpbCI6ImFkbWluQGFkbWluLmFpIiwidXNlcm5hbWUiOiJhZG1pbkBhZG1pbi5haSIsIm9yaWdfaWF0IjoxNTI2MzU4OTE5fQ.qyR5SYZ1uO0reVSRjcFdXGGhgfKhdu1eU277UAGU5l8
Django Version: 1.8.5
Python Version: 3.4.2
Installed Applications:
['django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.sites',
'allauth',
'allauth.account',
'allauth.socialaccount',
'allauth.socialaccount.providers.facebook',
'allauth.socialaccount.providers.twitter',
'allauth.socialaccount.providers.foursquare',
'allauth.socialaccount.providers.google',
'rest_framework',
'rest_framework_swagger',
'django_filters',
'corsheaders',
'gunicorn',
'googleads',
'django_nose',
'webpack_loader',
'common',
'business_accounts',
'search',
'platforms_search',
'locations',
'reviews',
'socialmedia',
'inbox',
'stats',
'usermanagement',
'connect',
'dashboard',
'freetrial',
'billing',
'demo',
'social_tickets',
'external',
'test_account']
Installed Middleware:
('django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.middleware.common.CommonMiddleware')
Traceback:
File "/srv/bspotted.net/venv/lib/python3.4/site-packages/django/core/handlers/base.py" in get_response
132. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/srv/bspotted.net/venv/lib/python3.4/site-packages/django/views/generic/base.py" in view
71. return self.dispatch(request, *args, **kwargs)
File "/srv/bspotted.net/venv/lib/python3.4/site-packages/django/views/generic/base.py" in dispatch
89. return handler(request, *args, **kwargs)
File "/srv/bspotted.net/app/business_accounts/views/url_gateway_login.py" in get
10. login(request, user)
File "/srv/bspotted.net/venv/lib/python3.4/site-packages/django/contrib/auth/__init__.py" in login
111. request.session[SESSION_KEY] = user._meta.pk.value_to_string(user)
File "/srv/bspotted.net/venv/lib/python3.4/site-packages/django/utils/functional.py" in inner
226. return func(self._wrapped, *args)
Exception Type: AttributeError at /auth/login/
Exception Value: 'AnonymousUser' object has no attribute '_meta'
因此,请有人解释为什么会发生这种情况,以及我如何克服这种情况,谢谢。身份验证应返回用户对象:
class UrlTokenBackend(ModelBackend):
"""
Custom login backend that will accept token allow click url login
"""
def authenticate(self, request, token=None):
try:
user = MyUser.objects.get(token=token)
except MyUser.DoesNotExist:
logger.warning('My user=%s does not exist', user)
return None
if not user.is_active:
return None
return user
当然我没有看到,但我仍然收到同样的消息error@PetarP用户是否处于活动状态?logger.infouser.is_active在authenticate方法中说了什么?它显示is_active=True,我现在写有点困惑,因为我是honestOk所以令牌不起作用,我已经设法使用id登录了一个用户,我会接受这个答案,因为它很有帮助
class UrlTokenBackend(ModelBackend):
"""
Custom login backend that will accept token allow click url login
"""
def authenticate(self, request, token=None):
try:
user = MyUser.objects.get(token=token)
except MyUser.DoesNotExist:
logger.warning('My user=%s does not exist', user)
return None
if not user.is_active:
return None
return user