example为应用程序级别的视图提供了一个片段,但是如果我的"urls.py“文件中有许多不同的(和一些非应用程序的)条目,包括模板,该怎么办?我如何将这个login_required装饰器应用到它们中的每一个呢?
(r'^foo/(?P<slug>[-\w]+)/$', 'bugs.views.bug_detail'),
(r'^$', 'django.views.generic.simple.direct_to_template', {'template':'homepage.html'}),
发布于 2010-07-13 22:54:29
把它放到我的项目根目录下的middleware.py
文件中(取自http://onecreativeblog.com/post/59051248/django-login-required-middleware)
from django.http import HttpResponseRedirect
from django.conf import settings
from re import compile
EXEMPT_URLS = [compile(settings.LOGIN_URL.lstrip('/'))]
if hasattr(settings, 'LOGIN_EXEMPT_URLS'):
EXEMPT_URLS += [compile(expr) for expr in settings.LOGIN_EXEMPT_URLS]
class LoginRequiredMiddleware:
"""
Middleware that requires a user to be authenticated to view any page other
than LOGIN_URL. Exemptions to this requirement can optionally be specified
in settings via a list of regular expressions in LOGIN_EXEMPT_URLS (which
you can copy from your urls.py).
Requires authentication middleware and template context processors to be
loaded. You'll get an error if they aren't.
"""
def process_request(self, request):
assert hasattr(request, 'user'), "The Login Required middleware\
requires authentication middleware to be installed. Edit your\
MIDDLEWARE_CLASSES setting to insert\
'django.contrib.auth.middlware.AuthenticationMiddleware'. If that doesn't\
work, ensure your TEMPLATE_CONTEXT_PROCESSORS setting includes\
'django.core.context_processors.auth'."
if not request.user.is_authenticated():
path = request.path_info.lstrip('/')
if not any(m.match(path) for m in EXEMPT_URLS):
return HttpResponseRedirect(settings.LOGIN_URL)
然后在settings.py中将projectname.middleware.LoginRequiredMiddleware
附加到我的MIDDLEWARE_CLASSES。
发布于 2013-02-17 16:58:56
对于那些后来了解这一点的人,你可能会发现django-stronghold非常适合你的用例。您将所有想要公开的urls列入白名单,其余的都需要登录。
发布于 2013-05-13 21:27:35
这里有一个稍微短一些的中间件。
from django.contrib.auth.decorators import login_required
class LoginRequiredMiddleware(object):
def process_view(self, request, view_func, view_args, view_kwargs):
if not getattr(view_func, 'login_required', True):
return None
return login_required(view_func)(request, *view_args, **view_kwargs)
在不需要登录即可查看的每个视图上,您必须将"login_required“设置为False:
函数-视图:
def someview(request, *args, **kwargs):
# body of view
someview.login_required = False
基于类的视图:
class SomeView(View):
login_required = False
# body of view
#or
class SomeView(View):
# body of view
someview = SomeView.as_view()
someview.login_required = False
这意味着您必须对登录视图做一些处理,但无论如何,我总是要编写自己的auth-backend。
https://stackoverflow.com/questions/3214589
复制相似问题