在AuthenticationMiddleware | Django中添加用户id属性
关于Django身份验证中间件,我有以下问题:在AuthenticationMiddleware | Django中添加用户id属性,django,django-middleware,django-rest-framework-simplejwt,Django,Django Middleware,Django Rest Framework Simplejwt,关于Django身份验证中间件,我有以下问题: class AuthenticationMiddleware(MiddlewareMixin): def process_request(self, request): assert hasattr(request, 'session'), ( "The Django authentication middleware requires session middleware "
class AuthenticationMiddleware(MiddlewareMixin):
def process_request(self, request):
assert hasattr(request, 'session'), (
"The Django authentication middleware requires session middleware "
"to be installed. Edit your MIDDLEWARE setting to insert "
"'django.contrib.sessions.middleware.SessionMiddleware' before "
"'django.contrib.auth.middleware.AuthenticationMiddleware'."
)
request.user = SimpleLazyObject(lambda: get_user(request))
正如您在这里看到的,中间件从后端调用方法get_user(在我的例子中是simple_jwt),并将该方法放入SimpleLazyObject
中,以便稍后进行评估
def get_user(self, validated_token):
"""
Attempts to find and return a user using the given validated token.
"""
try:
user_id = validated_token[api_settings.USER_ID_CLAIM]
except KeyError:
raise InvalidToken(_('Token contained no recognizable user identification'))
try:
user = User.objects.get(**{api_settings.USER_ID_FIELD: user_id})
except User.DoesNotExist:
raise AuthenticationFailed(_('User not found'), code='user_not_found')
if not user.is_active:
raise AuthenticationFailed(_('User is inactive'), code='user_inactive')
return user
我想做的是保留request.user=SimpleLazyObject(lambda:get_user(request))
以便为使用它的应用程序提供用户实例,但对于我的自定义应用程序,我想添加类似
伪码
为了避免在我只需要user\u id
的情况下查询数据库中每个用户对象的请求,我已经在后端的get\u user
方法中直接使用了该id
问题–如何将user\u id
从get\u user()
传递到AuthenticationMiddleware。处理请求()
并将request.user\u id
属性设置为请求,而无需计算SimpleLazyObject
奇怪的是,我无法在类JWTAuthentication(authentication.BaseAuthentication):
中为请求分配属性,其中get\u user()
属于
多谢各位
Internal Server Error: /auth/users/me/
Traceback (most recent call last):
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\asgiref\sync.py", line 330, in thread_handler
raise exc_info[1]
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\core\handlers\exception.py", line 38, in inner
response = await get_response(request)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\utils\deprecation.py", line 126, in __acall__
response = await sync_to_async(
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\asgiref\sync.py", line 296, in __call__
ret = await asyncio.wait_for(future, timeout=None)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\asyncio\tasks.py", line 440, in wait_for
return await fut
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\asgiref\current_thread_executor.py", line 23, in run
result = self.fn(*self.args, **self.kwargs)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\asgiref\sync.py", line 334, in thread_handler
return func(*args, **kwargs)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\contrib\auth\middleware.py", line 26, in process_request
request.user_id = _get_user_session_key(request)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\contrib\auth\__init__.py", line 58, in _get_user_session_key
return get_user_model()._meta.pk.to_python(request.session[SESSION_KEY])
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\contrib\sessions\backends\base.py", line 65, in __getitem__
return self._session[key]
KeyError: '_auth_user_id'
您已经有可用的用户id。它是从auth.get_user()中的会话解码的,您可以将其复制到自己的中间件中:
从django.contrib.auth导入\u获取\u用户\u会话\u密钥
request.user\u id=\u获取\u用户\u会话\u密钥(请求)
这是一个Django私有API,不知道他们为什么将其保持私有。但您也可以只复制它实现的一行程序:
request.user\u id=get\u user\u model()。\u meta.pk.to\u python(
请求。会话[会话密钥]
)
谢谢你的回答。在第一种情况下,它抛出一个异常(在主问题块中回溯),在第二种情况下,没有可用的会话密钥或“会话密钥”。我经常使用JWT后端,所以它可能不是任何会话密钥。如果你不使用会话身份验证,那么这个中间件什么都不做,你需要使用自己的,或者如果你的JWT身份验证可用,看看他们的,看看他们在哪里设置了request.user。这就是答案。出于某种原因,我确信中间件与jwtauth有关。但事实并非如此。谢谢你的回答
Internal Server Error: /auth/users/me/
Traceback (most recent call last):
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\asgiref\sync.py", line 330, in thread_handler
raise exc_info[1]
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\core\handlers\exception.py", line 38, in inner
response = await get_response(request)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\utils\deprecation.py", line 126, in __acall__
response = await sync_to_async(
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\asgiref\sync.py", line 296, in __call__
ret = await asyncio.wait_for(future, timeout=None)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\asyncio\tasks.py", line 440, in wait_for
return await fut
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\asgiref\current_thread_executor.py", line 23, in run
result = self.fn(*self.args, **self.kwargs)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\asgiref\sync.py", line 334, in thread_handler
return func(*args, **kwargs)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\contrib\auth\middleware.py", line 26, in process_request
request.user_id = _get_user_session_key(request)
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\contrib\auth\__init__.py", line 58, in _get_user_session_key
return get_user_model()._meta.pk.to_python(request.session[SESSION_KEY])
File "C:\ProgramData\Miniconda3\envs\entropy\lib\site-packages\django\contrib\sessions\backends\base.py", line 65, in __getitem__
return self._session[key]
KeyError: '_auth_user_id'