Version: GnuPG v2
iQEcBAEBCAAGBQJaGdO/AAoJEPwUlFZ8c0AeJZ8H+wSNxdxq8jpcofwCrRYsHX/h
bGDlxAPaxB5Ank3JvbtsrejDLkHImQNEj9dcbP5OXGGrLiUsqvKm1qk0WCiDFUON
RY54Vr7gbdHqKOtPLO2gPd7NeF6eH39W+9PTYSl6guCc6xf/bBkP97EgyXvOUu30
Z8uhws4FZ7aqglhp2sc/kzgBZKrZg5S5Q6JhBoaviahAuY3TyCIs4dEJoPYYGRMM
jzI2Jo/GJyGdM6NuSq5C1W16xf4vG2Sc71wRfzLJDwEdWncq7bRCWJ9KybCEz8XX
9WZN2i4QQMgmK43q6UCK6D1pccFz5QOsyf0vcdey7hwG5QJaOzCjbuIh07mfLMU=
=cGLV
-----END PGP SIGNATURE-----
Hi,
for certain reasons I need to define custom user model and backend. First I only created a custom backend and kept with the standard user table Django provides. Authentication seems to work fine but the login is broken. By my view you can see that in case the user .is_authenticated a redirect happens. When I print the request.user I always end up with "AnonymousUser" even after successful authentication. So I assume the login is stuck. But what did I do wrong? I can't see a difference to what is guided in the documentation.
# django imports from django.contrib.auth import get_user_model UserModel = get_user_model() class MyBackend(object): def authenticate(self, request, username, password): try: user = UserModel.objects.get_by_natural_key(username) except UserModel.DoesNotExist: return None else: if argon2.verify(password, user.password) and self.user_can_authenticate(user): return user def user_can_authenticate(self, user): # is_active = getattr(user, 'is_active', None) return is_active or is_active is None def get_user(self, username): try: user = UserModel.objects.get(username=username) except UserModel.DoesNotExist: return None else: return user if self.user_can_authenticate(user) else NoneThis is my view:
from django.contrib.auth import authenticate, login, logout from django.contrib.auth.models import User @require_http_methods(["GET", "POST"]) def index(request): context = {'tables': None, 'content': 'login', 'session': None, 'user': None} if request.user.is_authenticated: return HttpResponseRedirect('/rtd') form = forms.LoginForm(request.POST) # POST if request.method == 'POST': if form.is_valid(): username = form.cleaned_data['user'] password = form.cleaned_data['password'] # authenticate user user = authenticate(request=request, username=username, password=password) if user is not None: # login user login(request, user) # message + log entry message = 'Authentication successful! User "{}" logged in.'.format(user) log.info(message) data = {'response': True, 'message': message} return JsonResponse(data) else: # check if username exist to track failed login attempts if models.Users.objects.filter(username=username).exists(): if User.objects.filter(username=username).exists(): message = 'User "{}" tried to log in.'.format(username) log.warning(message) # message + log entry message = 'Authentication failed! Please provide valid username and password.' # log.warning(message) data = {'response': False, 'message': message} return JsonResponse(data) else: # message + log entry message = 'Authentication failed! Please provide valid username and password.' # log.warning(message) data = {'response': False, 'message': message} return JsonResponse(data) # GET else: context['login'] = [forms.LoginForm().as_p()] return render(request, 'lab/index.html', context)
settings:
AUTHENTICATION_BACKENDS = [ 'lab.backend.MyBackend', # 'django.contrib.auth.backends.ModelBackend' ] # AUTH_USER_MODEL = 'lab.Users'
Thanks for any help !!!
No comments:
Post a Comment