我使用LDAP创建自定义身份验证后端。我想检查用户是否存在于数据库中,但是"委托"密码检查到LDAP(密码更改通常是由于公司政策)。
使用django管理界面时后端运行良好,但是当我使用FormView创建自定义登录页面时出现以下错误:
Environment:
Request Method: POST
Request URL: http://localhost:8000/accounts/login/
Django Version: 1.7
Python Version: 3.4.2
Installed Applications:
('django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'widget_tweaks',
'defekts',
'account')
Installed Middleware:
('django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware')
Traceback:
File "/var/www/django_local/lib/python3.4/site-packages/django/core/handlers/base.py" in get_response
111. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/var/www/django_local/lib/python3.4/site-packages/django/views/generic/base.py" in view
69. return self.dispatch(request, *args, **kwargs)
File "/var/www/django_local/lib/python3.4/site-packages/django/views/generic/base.py" in dispatch
87. return handler(request, *args, **kwargs)
File "/var/www/django_local/lib/python3.4/site-packages/django/views/generic/edit.py" in post
173. return self.form_valid(form)
File "/var/www/django_local/local/account/views.py" in form_valid
17. auth_login(form.request, user)
File "/var/www/django_local/lib/python3.4/site-packages/django/contrib/auth/__init__.py" in login
86. if SESSION_KEY in request.session:
Exception Type: AttributeError at /accounts/login/
Exception Value: 'NoneType' object has no attribute 'session'
settings.py
AUTHENTICATION_BACKENDS = (
#'django.contrib.auth.backends.ModelBackend',
'account.LDAPBackend.LDAPBackend',
)
views.py
from django.contrib.messages.views import SuccessMessageMixin, messages
from django.core.urlresolvers import reverse, reverse_lazy
from django.contrib.auth.forms import AuthenticationForm
from django.contrib.auth import login as auth_login, logout as auth_logout
from django.views.generic import FormView
# Create your views here.
class LoginView(FormView):
form_class = AuthenticationForm
template_name = 'account/login.html'
success_url = reverse_lazy("defekts:index")
def form_valid(self, form):
user = form.get_user()
auth_login(form.request, user)
return super(LoginView, self).form_valid(form)
帐户/ LDAPBackend /的初始化的.py
import ldap
from django.contrib.auth.models import User, check_password
from django.contrib.auth import get_user_model
class LDAPBackend(object):
def authenticate(self, username=None, password=None):
if username is None:
return None
try:
# user = User.objects.get(username=username)
user = get_user_model().objects.get(username=username)
except User.DoesNotExist:
# TODO: Raise error
return None
try:
connection = ldap.initialize("ldap://example.com")
connection.protocol_version = ldap.VERSION3
connection.simple_bind_s("example.com\\"+username, password)
except ldap.INVALID_CREDENTIALS:
return None
except ldap.SERVER_DOWN:
# TODO: Return error instead of none
return None
return user
def get_user(self, userid):
try:
return User.objects.get(pk=userid)
except User.DoesNotExist:
return None
我错过了什么吗?提前谢谢。
答案 0 :(得分:3)
致电auth_login
时,请self.request
而非form.request
。