When using custom AuthBackend, unable to use request.user.is_authenticated or @login_required decorator

huangapple go评论63阅读模式
英文:

When using custom AuthBackend, unable to use request.user.is_authenticated or @login_required decorator

问题

以下是翻译好的部分:

首先,我来自于 PHP 背景,对 Django 还不太熟悉。我正在尝试将一个 Web 应用从 PHP 框架升级到 Django,同时保持数据库不变。

Django 中的内置身份验证对我来说有点令人困惑,因为我的用户表与 Django 中的 auth.User 模型所预期的不同。

在我的用例中,我有一个名为 Employee 的实体,其登录帐户是在创建 Employee 实体的同时创建的。

我已经成功完成了身份验证部分,通过实现自定义的 AuthBackend。

但现在,我无法在登录后为其他视图使用 @login_required 装饰器,因为它会引发错误,显示 'User' 对象没有 'is_authenticated' 属性。

为了使用 is_authenticated 方法,我的用户模型必须扩展自 auth.AbstractUser 或 auth.AbstractBaseUser。

我该如何保持用户模型的原始表结构,同时又能够使用 Django 中的这些身份验证功能?

---- 问题更新 ----

这是我的用户模型。

class User(models.Model):
    employee = models.ForeignKey(Employee, models.DO_NOTHING)
    user_role = models.ForeignKey(UserRole, models.DO_NOTHING, blank=True, null=True)
    username = models.CharField(max_length=50, 不允许为空=True, null=False)
    password = models.CharField(max_length=50, 不允许为空=True, null=True)
    created_on = models.DateTimeField()
    last_updated_on = models.DateTimeField(blank=True, null=True)
    last_password_change = models.DateTimeField(blank=True, null=True)
    status = models.IntegerField(db_comment='0-已删除, 1-活跃, 2-新建')
    last_login  = models.DateTimeField(blank=True, null=True)

    class Meta:
        managed = False
        db_table = 'user'

请注意,上述内容是对你问题的翻译。如果你需要进一步的帮助或解答问题,请提出具体的问题。

英文:

Firstly I'm coming from a PHP background and new to Django. And I'm trying to upgrade a webapp from a PHP framework to Django, keeping the database unchanged.

The built-in authentication in Django is bit confusing, as my User table is different to what is expected in django's auth.User modal.

In my usecase, I have an Employee entity whose login account is created at the instance of creating the Employee itself.

The authentication part I managed to complete by implementing a custom AuthBackend.

But now, I'm unable to use the @login_required decorator for other views post-login, because it throws and error 'User' object has no attribute 'is_authenticated'.

In order to use is_authenticate method my User modal must then extend from auth.AbstractUser or auth.AbstractBaseUser.

How can I keep the original table structure for User modal, but still get around these authentication functions in django?

---- Update to question ----
This is my user modal.

class User(models.Model):
    employee = models.ForeignKey(Employee, models.DO_NOTHING)
    user_role = models.ForeignKey(UserRole, models.DO_NOTHING, blank=True, null=True)
    username = models.CharField(max_length=50, blank=False, null=False)
    password = models.CharField(max_length=50, blank=True, null=True)
    created_on = models.DateTimeField()
    last_updated_on = models.DateTimeField(blank=True, null=True)
    last_password_change = models.DateTimeField(blank=True, null=True)
    status = models.IntegerField(db_comment='0-Deleted, 1-Active, 2-New')
    last_login  = models.DateTimeField(blank=True, null=True)

    class Meta:
        managed = False
        db_table = 'user'

答案1

得分: 0

一个简单的解决方法就是在你的自定义用户模型中将 is_authenticated 设置为 True,如下所示:

class User(models.Model):
    is_authenticated = True
    employee = models.ForeignKey(Employee, models.DO_NOTHING)
    # ...

话虽如此,通常从AbstractBaseUser开始工作会自动化很多设置。你仍然可以覆盖大多数功能。

英文:

A simple way to fix this is just set is_authenticated to True at your custom user model, like:

<pre><code>class User(models.Model):
<b>is_authenticated = True</b>
employee = models.ForeignKey(Employee, models.DO_NOTHING)
# &hellip;</code></pre>

That being said, working from the AbstractBaseUser often will automate a lot of the settings. You can still override most functionalities anyway.

huangapple
  • 本文由 发表于 2023年6月25日 21:28:16
  • 转载请务必保留本文链接:https://go.coder-hub.com/76550643.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定