Django, request.user is always Anonymous User
I am using a custom authentication backend for Django (which runs off couchdb). I have a custom user model.
As part of the login, I am doing a request.user = u
-
After sending Token using Authorization header, the token will be gotten in dispatch function as bellow: '''
def dispatch(self, request, *args, **kwargs): self.args = args self.kwargs = kwargs request = self.initialize_request(request, *args, **kwargs) self.request = request self.headers = self.default_response_headers # deprecate? try: self.initial(request, *args, **kwargs) # Get the appropriate handler method if request.method.lower() in self.http_method_names: handler = getattr(self, request.method.lower(), self.http_method_not_allowed) else: handler = self.http_method_not_allowed response = handler(request, *args, **kwargs) except Exception as exc: response = self.handle_exception(exc) self.response = self.finalize_response(request, response, *args, **kwargs) return self.responseSo you are using django_role_permission's HasRoleMixin, the dispatch method of this mixin will hide dispatch of the view. I think that the solution is to redefine the mixin of roles-permissions
讨论(0) -
I had similar problem when I used custom authentication backend. I used field different than the primary key in the method get_user. It directly solved after using primary key which must be number (not str)
def get_user(self, user_id): try: return User.objects.get(pk=user_id) # <-- must be primary key and number except User.DoesNotExist: return None讨论(0) -
Please elaborate. If you are using a custom user model (which is different from a custom user PROFILE model), then you are basically on your own and the django.contrib.auth framework can not help you with authentication. If you are writing your own authentication system and are not using django.contrib.auth, then you need to turn that off because it seem to be interfering with your system.
讨论(0) -
I too have custom authentication backend and always got
AnonymousUserafter successful authentication and login. I had theget_usermethod in my backend. What I was missing was thatget_usermust get the user bypkonly, not by email or whatever your credentials inauthenticateare:class AccountAuthBackend(object): @staticmethod def authenticate(email=None, password=None): try: user = User.objects.get(email=email) if user.check_password(password): return user except User.DoesNotExist: return None @staticmethod def get_user(id_): try: return User.objects.get(pk=id_) # <-- tried to get by email here except User.DoesNotExist: return NoneIts easy to miss this line in the docs:
The get_user method takes a user_id – which could be a username, database ID or whatever, but has to be the primary key of your User object – and returns a User object.
It so happened that
emailis not primary key in my schema. Hope this saves somebody some time.讨论(0) -
user = authenticate(username=username, password=password) if user is not None: return render(request, 'home.html',{'user_id':user.id})讨论(0) -
The
request.useris set by thedjango.contrib.auth.middleware.AuthenticationMiddleware.Check
django/contrib/auth/middleware.py:class LazyUser(object): def __get__(self, request, obj_type=None): if not hasattr(request, '_cached_user'): from django.contrib.auth import get_user request._cached_user = get_user(request) return request._cached_user class AuthenticationMiddleware(object): def process_request(self, request): request.__class__.user = LazyUser() return NoneThen look at the
get_userfunction indjango/contrib/auth/__init__.py:def get_user(request): from django.contrib.auth.models import AnonymousUser try: user_id = request.session[SESSION_KEY] backend_path = request.session[BACKEND_SESSION_KEY] backend = load_backend(backend_path) user = backend.get_user(user_id) or AnonymousUser() except KeyError: user = AnonymousUser() return userYour backend will need to implement the
get_userfunction.讨论(0)
加载中...
- 热议问题