Python Django/mod_wsgi在传递到另一个url时会释放会话
我被这样的问题缠住了。我正在开发托管在Apache/mod_wsgi上的Django应用程序 我将标准Django身份验证替换为远程用户身份验证,依据: 当用户请求:mysite.my/login 因此,我的wsgi.conf如下所示,我在mysite.my/login上得到了验证用户的提示:Python Django/mod_wsgi在传递到另一个url时会释放会话,python,django,apache,mod-wsgi,Python,Django,Apache,Mod Wsgi,我被这样的问题缠住了。我正在开发托管在Apache/mod_wsgi上的Django应用程序 我将标准Django身份验证替换为远程用户身份验证,依据: 当用户请求:mysite.my/login 因此,我的wsgi.conf如下所示,我在mysite.my/login上得到了验证用户的提示: WSGIApplicationGroup %{GLOBAL} WSGIPythonHome /proj/tool/appl/portal/.venv WSGIScriptAlias / /proj/too
WSGIApplicationGroup %{GLOBAL}
WSGIPythonHome /proj/tool/appl/portal/.venv
WSGIScriptAlias / /proj/tool/appl/portal/portal/wsgi.py
WSGIDaemonProcess portal python-path=/proj/tool/appl/portal/.venv/lib/python3.4/site-packages processes=1 threads=60 graceful-timeout=30 maximum-requests=1000 restart-interval=0 header-buffer-size=32768
WSGIProcessGroup portal
WSGISocketPrefix /tmp/wsgi
LogLevel debug
ErrorLog "/proj/weblogs/backendlogs/portal/apache/server1/wsgi/error.log"
CustomLog "/proj/weblogs/backendlogs/portal/apache/server1/wsgi/access.log" combined
#Timeout 600
<Directory /proj/tool/appl/portal/portal>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
<Location "/login">
Order deny,allow
Allow from all
AllowOverride AuthConfig Limit FileInfo Indexes
AuthType VAS
AuthVASUseBasic on
AuthName "[ Enter Windows Password ]"
Require valid-user
</Location>
views.py
def login(request, node):
user = request.user
session_key = request.session.session_key
return HttpResponse("User is: {}<br />"
"SessionKey is: {}<br />"
.format(user, session_key))
def index(request, node):
user = request.user
session_key = request.session.session_key
return HttpResponse("User is: {}<br />"
"SessionKey is: {}<br />"
.format(user, session_key))
我的问题是:
为什么Django在我转到另一个url站点时丢失会话数据?
当我在本地运行它时
manage.py运行服务器
会话正常工作
提前谢谢你的帮助
如果我能纠正有问题的地方,请通知我。这是我第一次问这个问题。不相关,但是使用
threads=60
通常是一个非常糟糕的主意。Python不能很好地处理多线程。通常每个进程最多3-5个线程更好,除非出于某种原因您有一个异常的I/O绑定应用程序。auth指令应该应用于整个站点,而不仅仅是/login
。谢谢您的建议。我将在wsgi.conf@GrahamDumpleton中更正线程。无论如何,我不想限制所有站点只允许经过身份验证的用户访问。我只想限制评论和内容编辑等权威的。在我的项目中,不可能简单地在Django/Admin中创建用户,因为我的用户/密码存储在外部服务(mod_auth_vas)中。是否有其他方法可以在url/login
上验证用户身份并存储Django会话的登录信息?您是否阅读并确保正确应用了所有这些信息。您可能需要它最后提到的persistenremoteusermiddleware
。persistenremoteusermiddleware
适合我。非常感谢你的帮助@GrahamDumpleton。很抱歉延迟回复,但我正面临Django 1.8的迁移,它不支持PersistentRemoteUserMiddleware
到较新的Django 1.11。我的东西太旧了。再次感谢。
def login(request, node):
user = request.user
session_key = request.session.session_key
return HttpResponse("User is: {}<br />"
"SessionKey is: {}<br />"
.format(user, session_key))
def index(request, node):
user = request.user
session_key = request.session.session_key
return HttpResponse("User is: {}<br />"
"SessionKey is: {}<br />"
.format(user, session_key))
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'OPTIONS': {
'context_processors': [
"django.contrib.auth.context_processors.auth",
"django.template.context_processors.debug",
"django.template.context_processors.i18n",
"django.template.context_processors.media",
"django.template.context_processors.static",
"django.template.context_processors.tz",
"django.contrib.messages.context_processors.messages",
"django.core.context_processors.request",
"django.template.context_processors.request",
],
'debug': DEBUG,
'loaders': [
'django.template.loaders.filesystem.Loader',
'django.template.loaders.app_directories.Loader',
]
}
}
]
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
# RemoteUser https://docs.djangoproject.com/en/1.8/howto/auth-remote-user/
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.RemoteUserMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
)
AUTHENTICATION_BACKENDS = [
"django.contrib.auth.backends.RemoteUserBackend"
]
SESSION_ENGINE = "django.contrib.sessions.backends.db"
# Python dotted path to the WSGI application used by Django's runserver.
WSGI_APPLICATION = 'portal.wsgi.application'
ROOT_URLCONF = 'portal.urls'
INSTALLED_APPS = [
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'crispy_forms',
]