我有一个django网站,其中包含许多网址和视图。现在,我已要求将所有未经过身份验证的用户重定向到某个目标网页。因此,所有观看次数必须检查是否user.is_authenticated()并返回到一组新的着陆页。
可以用漂亮的方式完成,而不是那么多地弄乱我的views.py / urls.py吗?
答案 0 :(得分:17)
您可以使用中间件。
这样的事情将检查用户auth每个请求:
class AuthRequiredMiddleware(object):
def process_request(self, request):
if not request.user.is_authenticated():
return HttpResponseRedirect(reverse('landing_page')) # or http response
return None
文档: process_request
另外,不要忘记在settings.py
中启用它MIDDLEWARE_CLASSES = (
...
'path.to.your.AuthRequiredMiddleware',
)
答案 1 :(得分:16)
有一种更简单的方法,只需将“login_url”参数添加到@login_required,如果用户未登录,则会将其重定向到登录页面。你可以找到它here
from django.contrib.auth.decorators import login_required
@login_required(login_url='/accounts/login/')
def my_view(request):
...
答案 2 :(得分:10)
从Django 1.10开始,自定义中间件类必须实现新的样式语法。您可以使用以下类来验证用户在尝试访问任何视图时是否已登录。
from django.shortcuts import HttpResponseRedirect
class AuthRequiredMiddleware(object):
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
# Code to be executed for each request before
# the view (and later middleware) are called.
response = self.get_response(request)
if not request.user.is_authenticated():
return HttpResponseRedirect('login')
# Code to be executed for each request/response after
# the view is called.
return response
答案 3 :(得分:9)
from django.contrib.auth.decorators import login_required
@login_required
def my_view(request):
...
另一个选项是将其添加到您的urls.py模式,请参阅this answer
urlpatterns = patterns('',
(r'^foo/$', login_required(direct_to_template), {'template': 'foo_index.html'}),
)
答案 4 :(得分:3)
这可以通过中间件完成。
我找到了一个非常漂亮的djangosnippet,完全符合你的要求。您可以找到它here,它看起来像:
from django.http import HttpResponseRedirect
from django.conf import settings
from re import compile
EXEMPT_URLS = [compile(settings.LOGIN_URL.lstrip('/'))]
if hasattr(settings, 'LOGIN_EXEMPT_URLS'):
EXEMPT_URLS += [compile(expr) for expr in settings.LOGIN_EXEMPT_URLS]
class LoginRequiredMiddleware:
"""
Middleware that requires a user to be authenticated to view any page other
than LOGIN_URL. Exemptions to this requirement can optionally be specified
in settings via a list of regular expressions in LOGIN_EXEMPT_URLS (which
you can copy from your urls.py).
Requires authentication middleware and template context processors to be
loaded. You'll get an error if they aren't.
"""
def process_request(self, request):
assert hasattr(request, 'user'), "The Login Required middleware\
requires authentication middleware to be installed. Edit your\
MIDDLEWARE_CLASSES setting to insert\
'django.contrib.auth.middlware.AuthenticationMiddleware'. If that doesn't\
work, ensure your TEMPLATE_CONTEXT_PROCESSORS setting includes\
'django.core.context_processors.auth'."
if not request.user.is_authenticated():
path = request.path_info.lstrip('/')
if not any(m.match(path) for m in EXEMPT_URLS):
return HttpResponseRedirect(settings.LOGIN_URL)
您所要做的就是将文件保存为middleware.py,并在您的settings.py中包含该类,即
MIDDLEWARE_CLASSES += ('projectname.common.middleware.RequireLoginMiddleware',)
您还可以在LOGIN_URL中定义settings.py,以便将您重定向到自定义登录页面。默认LOGIN_URL为'/accounts/login/'。
答案 5 :(得分:1)
也许为时已晚,但在Django 1.9+中,这太容易了。 Django为泛型类引入了Login Required mixin,这是一个很好的例子 here由William S. Vincent
只需在您的视图中将LoginRequiredMixin添加为父类
from django.contrib.auth.mixins import LoginRequiredMixin
class BlogUpdateView(LoginRequiredMixin, UpdateView):
model = Post
template_name = 'post_edit.html'
fields = ['title', 'body']
您还可以使用login_required decorator进行方法请求
答案 6 :(得分:1)
您可以通过设置login_url来避免指定LOGIN_URL。
在settings.py中:
LOGIN_URL = '<some_url>'
在views.py中:
@login_required
def some_view_function(request):
如果您需要在视图函数中进行重定向,可以使用以下方法实现:
return redirect_to_login(request.get_full_path())
答案 7 :(得分:0)
from django.contrib.auth.decorators import login_required
@login_required(login_url='/login/')
def home(request):
return render(request, "home.html")