django-authentication | 易学教程

Show message after password change?

阅读更多关于 Show message after password change?

问题 I'm using the default change password mechanism provided by django. I'm using post_change_redirect to have the submitted form go straight back to my settings page, however I'd like to show a message to reassure the user that the operation has been successful. How can I detect whether I'm arriving in my settings view as the result of a successful password change, and add a message to that effect? 回答1: I wouldn't recommend checking in the settings view whether a user has arrived via a password

When using sub-domains for a Django site, how can you share django logins across sub-domains on localhost?

阅读更多关于 When using sub-domains for a Django site, how can you share django logins across sub-domains on localhost?

问题 I want to let the same user session span across: site.com sub1.site.com sub2.site.com How can I do this in Django? With the default auth user package it seems to require the user to login to all 3 sites each time with a different session. How can they share the same login cookie and session-id? UPDATE: Using the SESSION_COOKIE_DOMAIN value in settings.py seems to work on production sites, but it doesn't work for me on localhost/dev servers. How do you get it to work for localhost sub-domains?

Django 1.7 multisite User model

阅读更多关于 Django 1.7 multisite User model

问题 I want to serve a Django application that serves multiple web sites by single database but different user sets. Think like a blog application, it will be used by several domains with different themes, but use same database by adding a site field to models. I use Django's SitesFramework for that job. But the problem is, I couldn't separate user models for different sites. I want to use same user model with a site field and email field that unique per site. I tried to extend AbstractUser model

Django, TastyPie, Authentication, and custom middleware headache

阅读更多关于 Django, TastyPie, Authentication, and custom middleware headache

I have a Django web application which requires authentication across the whole site. I've accomplished that with custom middleware which basically test if request.user.is_anonymous and, if they are, redirects them to the login page. It looks like this: from django.contrib.auth.views import login from django.contrib.auth import authenticate from django.http import HttpResponseRedirect, HttpResponse from django.utils import simplejson from django.core import serializers class SiteLogin: "This middleware requires a login for every view" def process_request(self, request): if request.path != '

django.auth manipulate model fields/allow space in usernames

阅读更多关于 django.auth manipulate model fields/allow space in usernames

I'm currently implementing a user registration for an app. I'm tying to change the django.auth default behaviour to use email instead of username. I think i'll use a custom auth backend. I want the users still be able to provide an username. How can I allow spaces in the username like "john doe" without changing the fields in django.auth models. How do I make the emailfield required. currently the clean_email method in my UserCreation Form raises an validation error if email is empty. There must be a better way. Thanks to Brandon and Andrew Sledge here is my solution: class RegisterForm

Django: authenticate based on an object's properties using class-based views

阅读更多关于 Django: authenticate based on an object's properties using class-based views

Let's say my app is like a forum, but that each post has a group of people which may see it. SecretPost(Model): can_see = myapp.main.models.GroupOfUsers() I want to write a view which restricts users' access to these posts, and I'd prefer to use decorators, since that's how I've been handling access control everywhere else. SecretPostView(DetailView): """Can only be seen by members of its group""" @method_decorator(part_of_its_group) def dispatch(self, request, *args, **kwargs): return super(SecretPostView, self).dispatch(request, *args, **kwargs) But when dispatch() is called, I don't know

Adding user to group on creation in Django

阅读更多关于 Adding user to group on creation in Django

问题 I'm looking to add a User to a group only if a field of this User is specified as 'True' once the User is created. Every User that is created would have a 'UserProfile' associated with it. Would this be the correct way to implement such a thing? models.py: def add_group(sender, instance, created, **kwargs): if created: sender = UserProfile if sender.is_in_group: from django.contrib.auth.models import Group g = Group.objects.get(name='Some Group') g.user_set.add(sender) post_save.connect(add

Serving Django admin site on subdomain

阅读更多关于 Serving Django admin site on subdomain

问题 I have a project running Django, uWSGI, and Nginx. Currently I use the default Django admin site, served at example.com/admin . I want to change this so that the admin site is only available at admin.example.com . What is the best way to do this? I had thought about starting a completely new Django project to be served on admin.example.com but with the same database settings as the project that runs example.com , but I'm hoping for something more elegant since this would involve duplicating a

Django Auth LDAP - Direct Bind using sAMAccountName

阅读更多关于 Django Auth LDAP - Direct Bind using sAMAccountName

问题 There are two ways to authenticate a user using Django Auth LDAP Search/Bind and Direct Bind. The first one involves connecting to the LDAP server either anonymously or with a fixed account and searching for the distinguished name of the authenticating user. Then we can attempt to bind again with the user’s password. The second method is to derive the user’s DN from his username and attempt to bind as the user directly. I want to be able to do a direct bind using the userid (sAMAccountName)

Okta Authentication Django

阅读更多关于 Okta Authentication Django

I have a Django app that I am trying to add Okta authentication. I currently have created a custom backend that utilizes the Okta API to authenticate a user: class OKTABackend(ModelBackend): def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) def authenticate(self, username=None, password=None): headers = { 'Authorization': 'SSWS {}'.format(<my OKTA API token>), 'Accept': 'application/json', 'Content-type': 'application/json' } authentication_payload = { 'username': username, 'password': password } r = requests.post( <my OKTA app address>, headers=headers, data=json.dumps