Python django.contrib.auth的附加日志记录
我想在会话哈希验证失败时记录日志。日志代码应插入到此if块中 我正试图找出实现这一目标的最佳方式。目前看来我需要覆盖整个Python django.contrib.auth的附加日志记录,python,django,session,authentication,Python,Django,Session,Authentication,我想在会话哈希验证失败时记录日志。日志代码应插入到此if块中 我正试图找出实现这一目标的最佳方式。目前看来我需要覆盖整个django.contrib.auth.middleware.AuthenticationMiddleware 你有什么建议给我吗 为什么不复制函数并按照您的意愿放置记录器: from django.contrib.auth import * def your_get_user(request): """ Returns the user model
django.contrib.auth.middleware.AuthenticationMiddleware
你有什么建议给我吗 为什么不复制函数并按照您的意愿放置记录器:
from django.contrib.auth import *
def your_get_user(request):
"""
Returns the user model instance associated with the given request session.
If no user is retrieved an instance of `AnonymousUser` is returned.
"""
from django.contrib.auth.models import User, AnonymousUser
user = None
try:
user_id = _get_user_session_key(request)
backend_path = request.session[BACKEND_SESSION_KEY]
except KeyError:
pass
else:
if backend_path in settings.AUTHENTICATION_BACKENDS:
backend = load_backend(backend_path)
user = backend.get_user(user_id)
# Verify the session
if ('django.contrib.auth.middleware.SessionAuthenticationMiddleware'
in settings.MIDDLEWARE_CLASSES and hasattr(user, 'get_session_auth_hash')):
session_hash = request.session.get(HASH_SESSION_KEY)
session_hash_verified = session_hash and constant_time_compare(
session_hash,
user.get_session_auth_hash()
)
if not session_hash_verified:
log = logging.getLogger("YourLog")
log.debug(session_hash)
request.session.flush()
user = None
return user or AnonymousUser()
并在代码中像您希望的那样使用它