Django - 使用mongoengine数据库进行认证
我想在我的Django项目中使用mongoengine数据库来处理用户认证。
我试过一些旧问题中的例子,但都没能成功运行。我现在使用的是Django 1.6和mongoengine。所有东西都安装好了,运行正常,我也可以在我的Mongoengine数据库中创建和保存文档。
我在参考这个链接:http://mongoengine-odm.readthedocs.org/en/latest/django.html
但是我遇到了以下错误:
当我运行:
>>> from django.contrib.auth.models import User
>>> user = User.objects.create_user('john', 'lennon@thebeatles.com', 'johnpassword')
我得到了这个:
Traceback (most recent call last):
File "<console>", line 1, in <module>
File "/REBORN/reb_env/local/lib/python2.7/site-packages/django/db/models/manager.py", line 273, in __get__
self.model._meta.object_name, self.model._meta.swapped
AttributeError: Manager isn't available; User has been swapped for 'mongo_auth.MongoUser'
>>>
我真的不明白两件事:
- 我需要自己创建和定义一个数据库来存储用户,还是说用户会自动创建?
- 什么是Manager?我没有定义任何管理相关的东西。
一开始我以为注册信息会保存在一个叫'mongo_auth.MongoUser'的数据库里,但实际上并没有保存到任何地方。
这是我的模型:
# Create your models here.
from mongoengine import *
class Profile(Document):
email = StringField(required=True)
first_name = StringField(max_length=50)
last_name = StringField(max_length=50)
class auth_user(Document):
username = StringField(max_length=50)
email = StringField(max_length=50)
password = StringField(max_length=50)
settings.py文件的配置是按照手册要求正确设置的。
编辑 @cestDiego:
我的设置完全一样,我注意到数据库后端的问题,因为它为我创建了一个我不想要的数据库,因为我使用的是mongo……总之,我现在是从mongoengine.django.auth导入User,但当我尝试创建一个用户时,它返回给我:
>>> user = User.objects.create_user('john', 'lennon@thebeatles.com', 'johnpassword')
Traceback (most recent call last):
File "<console>", line 1, in <module>
AttributeError: 'QuerySet' object has no attribute 'create_user'
也许我们在自定义认证,所以才不工作,我也不知道。你也有这个问题吗?
第二次编辑:
我在阅读时发现,我们必须使用Django的认证系统,在配置好正确的设置后,就像我们俩都做的那样。
然后必须从django.contrib.auth导入authenticate,并按照Django文档中的说明使用authenticate,希望这能帮到你;D。
from django.shortcuts import render
# Create your views here.
from django.http import HttpResponse
from game.models import *
from mongoengine import *
from models import User
from django.contrib.auth import authenticate
def login(request):
user = authenticate(username='john', password='secret')
if user is not None:
# the password verified for the user
if user.is_active:
print("User is valid, active and authenticated")
else:
print("The password is valid, but the account has been disabled!")
else:
# the authentication system was unable to verify the username and password
print("The username and password were incorrect.")
3 个回答
3
我无法重现你遇到的错误信息,@Bugfixer。我猜这个问题可能是因为你的设置中有 AUTH_USER_MODEL 这个选项,只有在你使用自定义用户模型时,这个选项才需要放在设置里。
我会在这个回答中详细说明我如何让它在自定义用户模型下运行,并且我在其中添加了一个收藏数组:
settings.py
from mongoengine import *
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.dummy',
}
}
AUTHENTICATION_BACKENDS = (
'mongoengine.django.auth.MongoEngineBackend',
...
)
INSTALLED_APPS = (
'django.contrib.auth',
'mongoengine.django.mongo_auth',
....
)
SESSION_ENGINE = 'mongoengine.django.sessions'
AUTH_USER_MODEL=('mongo_auth.MongoUser')
MONGOENGINE_USER_DOCUMENT = 'MyAwesomeApp.app.models.CustomUser'
models.py
from mongoengine.django.auth import User
from mongoengine import *
class CustomUser(User):
"""Extend mongoengine User model"""
favorites = ListField(ReferenceField(MyReferencedModel, dbref=False))
USERNAME_FIELD = 'username'
REQUIRED_FIELDS = () #must be list or tuple
def toJSON(self):
fav_list = []
for f in self.favorites:
fav_list.append(f.toJSON())
userJSON = {}
userJSON['id'] = str(self.pk)
userJSON['favorites'] = fav_list
userJSON['email'] = str(self.email)
userJSON['last_name'] = str(self.last_name)
userJSON['first_name'] = str(self.first_name)
userJSON['username'] = str(self.username)
return simplejson.dumps(userJSON)
views.py
from MyAwesomeApp.app.models import CustomUser
#util
def extractDataFromPost(request):
rawData = request.body.replace('false', 'False')
rawData = rawData.replace('true', 'True')
rawData = rawData.replace('null', 'None')
return eval(rawData)
#util
def jsonResponse(responseDict):
return HttpResponse(simplejson.dumps(responseDict), mimetype='application/json')
def createUser(request):
data = extractDataFromPost(request)
email = data["email"]
password = data["password"]
user_type = data["user_type"]
try:
user = CustomUser.objects.get(username=email)
return jsonResponse({'error':True, 'message': 'Email já cadastrado'})
except CustomUser.DoesNotExist:
user = CustomUser.create_user(email, password, email)
user.favorites = []
user.save()
user = authenticate(username=email, password=password)
user.backend = 'mongoengine.django.auth.MongoEngineBackend'
login(request, user)
request.session.set_expiry(3600000) # 1 hour timeout
del user.password
return HttpResponse(simplejson.dumps(user.toJSON()))
如果你遇到任何问题,请告诉我。
祝好
6
嘿,我跟你遇到的情况差不多。根据我了解的,你在settings.py文件里有这些内容:
AUTH_USER_MODEL = 'mongo_auth.MongoUser'
MONGOENGINE_USER_DOCUMENT = 'mongoengine.django.auth.User'
而在已安装的应用里有这个:
'mongoengine.django.mongo_auth'
这就意味着你现在使用的是Mongoengine的认证方法。你用的第一行代码是导入了Django的认证方法,所以这就是问题所在。你并没有在MongoDB里创建任何数据库,而是在你用backend.dummy设置的虚拟数据库里创建的,这个是Django的ORM(对象关系映射)的一部分。
我不太清楚怎么使用mongoengine的认证方法,如果你搞明白了,请也告诉我一下哦 ;) 希望我能稍微帮你理清一下我们面临的问题。其实就是多看看文档就能搞定。
编辑:(回答后1分钟)我在你链接的文档里找到了这个:
MongoEngine包含一个Django认证后端,它使用MongoDB。> 用户模型是一个MongoEngine文档,但实现了大部分标准Django用户模型的方法和属性 - 所以这两者是有一定兼容性的。
所以这就意味着在你的情况下,把
from django.contrib.auth import User
换成
from mongoengine.django.auth import User
6
我解决了这个问题
在Django 1.6版本中...
我的settings.py文件是这样的:
"""
Django settings for prova project.
For more information on this file, see
https://docs.djangoproject.com/en/1.6/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.6/ref/settings/
"""
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.6/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = '^%r&tw5_steltu_ih&n6lvht0gs(0p#0p5z0br@+#l1o(iz_t6'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
TEMPLATE_DEBUG = True
ALLOWED_HOSTS = []
# Application definition
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.sessions',
)
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
)
ROOT_URLCONF = 'prova.urls'
WSGI_APPLICATION = 'prova.wsgi.application'
# Database
# https://docs.djangoproject.com/en/1.6/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.dummy'
}
}
AUTHENTICATION_BACKENDS = (
'mongoengine.django.auth.MongoEngineBackend',
)
SESSION_ENGINE = 'mongoengine.django.sessions'
SESSION_SERIALIZER = 'mongoengine.django.sessions.BSONSerializer'
# Internationalization
# https://docs.djangoproject.com/en/1.6/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.6/howto/static-files/
STATIC_URL = '/static/'
而我的views.py文件是这样的:
from django.shortcuts import render
# Create your views here.
from django.http import HttpResponse
from game.models import *
from mongoengine import *
#from django.contrib.auth import authenticate
from mongoengine.django.auth import User
def login(request):
connect('reborn')
from django.contrib.auth import login
from mongoengine.django.auth import User
from mongoengine.queryset import DoesNotExist
from django.contrib import messages
try:
user = User.objects.get(username='bob')#request.POST['username'])
if user.check_password('bobpass'):#request.POST['password']):
user.backend = 'mongoengine.django.auth.MongoEngineBackend'
print login(request, user)
request.session.set_expiry(60 * 60 * 1) # 1 hour timeout
print "return"
return HttpResponse("LOGUEJAT")#redirect('index')
else:
print "malament"
messages.add_message(request,messages.ERROR,u"Incorrect login name or password !")
except DoesNotExist:
messages.add_message(request,messages.ERROR,u"Incorrect login name or password !")
return render(request, 'login.html', {})
def logout(request):#NOT TESTED
from django.contrib.auth import logout
logout(request)
return redirect('login')
def createuser(request):
connect('reborn')
User.create_user('boba','bobpass','bobsaget@fullhouse.gov')
return HttpResponse("SAVED")
现在用户对象在数据库中的保存方式是:
{
"_id" : ObjectId("53465fa60f04c6552ab77475"),
"_cls" : "User",
"username" : "boba",
"email" : "bobsaget@fullhouse.gov",
"password" : "pbkdf2_sha256$12000$ZYbCHP1K1kDE$Y4LnGTdKhh1irJVktWo1QZX6AlEFn+1daTEvQAMMehA=",
"is_staff" : false,
"is_active" : true,
"is_superuser" : false,
"last_login" : ISODate("2014-04-10T09:08:54.551Z"),
"date_joined" : ISODate("2014-04-10T09:08:54.550Z"),
"user_permissions" : [ ]
}