NPDD/Baobáxia/Autenticação

(Diferença entre revisões)
Ir para: navegação, pesquisa
(Exemplo com credenciais no settings.py)
(Exemplo com credenciais no settings.py)
Linha 32: Linha 32:
  
 
=== Exemplo com credenciais no settings.py ===
 
=== Exemplo com credenciais no settings.py ===
 +
from django.conf import settings
 +
from django.contrib.auth.models import User, check_password
  
from django.conf import settingsfrom django.contrib.auth.models import User, check_password class SettingsBackend(object):     """     Authenticate against the settings ADMIN_LOGIN and ADMIN_PASSWORD.       Use the login name, and a hash of the password. For example:       ADMIN_LOGIN = 'admin'     ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'     """      def authenticate(self, username=None, password=None):         login_valid = (settings.ADMIN_LOGIN == username)         pwd_valid = check_password(password, settings.ADMIN_PASSWORD)         if login_valid and pwd_valid:             try:                 user = User.objects.get(username=username)             except User.DoesNotExist:                 # Create a new user. Note that we can set password                 # to anything, because it won't be checked; the password                 # from settings.py will.                 user = User(username=username, password='get from settings.py')                 user.is_staff = True                 user.is_superuser = True                 user.save()             return user         return None      def get_user(self, user_id):         try:             return User.objects.get(pk=user_id)         except User.DoesNotExist:             return None
+
class SettingsBackend(object):
 +
    """
 +
    Authenticate against the settings ADMIN_LOGIN and ADMIN_PASSWORD.
 +
 
 +
    Use the login name, and a hash of the password. For example:
 +
 
 +
    ADMIN_LOGIN = 'admin'
 +
    ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'
 +
    """
 +
 
 +
     def authenticate(self, username=None, password=None):
 +
        login_valid = (settings.ADMIN_LOGIN == username)
 +
        pwd_valid = check_password(password, settings.ADMIN_PASSWORD)
 +
        if login_valid and pwd_valid:
 +
            try:
 +
                user = User.objects.get(username=username)
 +
            except User.DoesNotExist:
 +
                # Create a new user. Note that we can set password
 +
                # to anything, because it won't be checked; the password
 +
                # from settings.py will.
 +
                user = User(username=username, password='get from settings.py')
 +
                user.is_staff = True
 +
                user.is_superuser = True
 +
                user.save()
 +
            return user
 +
        return None
 +
 
 +
     def get_user(self, user_id):
 +
        try:
 +
            return User.objects.get(pk=user_id)
 +
        except User.DoesNotExist:
 +
            return None

Edição das 00h39min de 2 de outubro de 2013

Open ID

Testando o python-openid.. Acho que a partir do exemplo de servidor (https://github.com/openid/python-openid/blob/master/examples/server.py) è possivel ler num arquivo mudando a doLogin:

    def doLogin(self):
       if 'submit' in self.query:
           if 'user' in self.query:
               self.user = self.query['user']
               # Codigo para ler o arquivo e montar um objeto user on-the-fly a 
               # partir dos dados no arquivo
           else:
               self.user = None
           self.redirect(self.query['success_to'])
       elif 'cancel' in self.query:
           self.redirect(self.query['fail_to'])
       else:
           assert 0, 'strange login %r' % (self.query,)


Django Authentication Backend

Esse caminho è mais direto e possivelmente o melhor para poder atender demandas especificas. Precisa criar uma classe que implemente duas funções: get_user(user_id) and authenticate(**credentials).

get_user
  • recebe user_id que pode ser o nome do usuario o algum codigo o importante que seja a primary key do objeto User
  • retorna um objeto User
authenticate(**credentials)
  • recebe alguns argumentos por exemplo:
class MyBackend(object):
     def authenticate(self, username=None, password=None):
     # Check the username/password and return a User.        ...

Exemplo com credenciais no settings.py

from django.conf import settings
from django.contrib.auth.models import User, check_password
class SettingsBackend(object):
    """
    Authenticate against the settings ADMIN_LOGIN and ADMIN_PASSWORD.
    Use the login name, and a hash of the password. For example:
    ADMIN_LOGIN = 'admin'
    ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'
    """
    def authenticate(self, username=None, password=None):
        login_valid = (settings.ADMIN_LOGIN == username)
        pwd_valid = check_password(password, settings.ADMIN_PASSWORD)
        if login_valid and pwd_valid:
            try:
                user = User.objects.get(username=username)
            except User.DoesNotExist:
                # Create a new user. Note that we can set password
                # to anything, because it won't be checked; the password
                # from settings.py will.
                user = User(username=username, password='get from settings.py')
                user.is_staff = True
                user.is_superuser = True
                user.save()
            return user
        return None
    def get_user(self, user_id):
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None
Ferramentas pessoais
Espaços nominais
Variantes
Ações
Navegação
Ferramentas
Rede Mocambos