django-authentication

问题 I use custom User , and I have an email_verified field for this user. I'd like when a user sign in, to be rejected if this field is false . I can't do it in views.py since users can sign in from various sources (Django site but REST APIs too). The whole purpose is to avoid to write N times the logic for N sign in sources. I'd like to override a method ( login() ? authenticate() ?) in models.py to do that only once. I quickly read the doc about customizing authentication but did'nt find what I

问题 I've been stuck on this for a while now and can't seem to figure out what's going on. I'm just starting to learn Django and I got my login set up and now want to implement a registration page. I used the UserCreationForm form at first and that worked fine, but I want to add fields for Email, First name, and Last name. I figured I could just subclass UserCreationForm and add the fields but that doesn't seem to work. Also I tried overriding the save method, but it still doesn't work. My custom

问题 I want to restrict logged-in users to only have one active session, i.e. if the user logs in with a new sessionid, the old session should be terminated. I found a lot of help on SO already: here and here I implemented the middleware solution, with a bit of extra checking... class OnlyOneUserMiddleware(object): """ Middleware to ensure that a logged-in user only has one session active. Will kick out any previous session. """ def process_request(self, request): if request.user.is_authenticated(

问题 The example provides a snippet for an application level view, but what if I have lots of different (and some non-application) entries in my "urls.py" file, including templates? How can I apply this login_required decorator to each of them? (r'^foo/(?P<slug>[-\w]+)/$', 'bugs.views.bug_detail'), (r'^$', 'django.views.generic.simple.direct_to_template', {'template':'homepage.html'}), 回答1: Dropped this into a middleware.py file in my project root (taken from http://onecreativeblog.com/post

问题 How to get the currently logged-in user's id? in models.py : class Game(models.model): name = models.CharField(max_length=255) owner = models.ForeignKey(User, related_name='game_user', verbose_name='Owner') in views.py : gta = Game.objects.create(name="gta", owner=?) 回答1: First make sure you have SessionMiddleware and AuthenticationMiddleware middlewares added to your MIDDLEWARE_CLASSES setting. The current user is in request object, you can get it by: def sample_view(request): current_user =

问题 In django/contrib/auth/views.py there is the definition of the logout view : def logout(request, next_page=None, template_name='registration/logged_out.html', redirect_field_name=REDIRECT_FIELD_NAME, current_app=None, extra_context=None): I would like to add extra_context to get rid of the 'Logged out' title that appear when I log off so I'm trying this in my url confs : (r'^accounts/logout/$', logout(extra_context={'title':'something else'}) ), but then I get this error : logout() takes at

问题 In django/contrib/auth/views.py there is the definition of the logout view : def logout(request, next_page=None, template_name='registration/logged_out.html', redirect_field_name=REDIRECT_FIELD_NAME, current_app=None, extra_context=None): I would like to add extra_context to get rid of the 'Logged out' title that appear when I log off so I'm trying this in my url confs : (r'^accounts/logout/$', logout(extra_context={'title':'something else'}) ), but then I get this error : logout() takes at

问题 I'm currently trying to override the default form used in Django 1.4 when logging in to the admin site (my site uses an additional 'token' field required for users who opt in to Two Factor Authentication, and is mandatory for site staff). Django's default form does not support what I need. Currently, I've got a file in my templates/ directory called templates/admin/login.html , which seems to be correctly overriding the template used with the one I use throughout the rest of my site. The

问题 With django generic CreateView I can create a new user account, but how can I login this user automatically after registration using this technique? urls.py ... url( r'^signup/$', SignUpView.as_view(), name = 'user_signup' ), ... views.py class SignUpView ( CreateView ) : form_class = AccountCreationForm template_name = 'accounts/signup.html' success_url = reverse_lazy( 'home' ) forms.py class AccountCreationForm ( forms.ModelForm ) : def __init__( self, *args, **kwargs ) : super(

问题 I want to retrieve all permission for user as list of premission id's but: user.get_all_permissions() give me list of permission names. How to do it? 回答1: The key is get the permission objects like this: from django.contrib.auth.models import Permission permissions = Permission.objects.filter(user=user) and there you can access the id property like this: permissions[0].id If you want the list (id, permission_name) do the following: perm_tuple = [(x.id, x.name) for x in Permission.objects