NPDD/Baobáxia/Autenticação

(Diferença entre revisões)
Ir para: navegação, pesquisa
(Django Authentication Backend)
(Exemplo com credenciais no settings.py)
Linha 33: Linha 33:
 
=== Exemplo com credenciais no settings.py ===
 
=== Exemplo com credenciais no settings.py ===
  
from django.conf import settingsfrom django.contrib.auth.models import User, check_passwordclass SettingsBackend(object):   """   Authenticate against the settings ADMIN_LOGIN and ADMIN_PASSWORD.   Use the login name, and a hash of the password. For example:   ADMIN_LOGIN = 'admin'   ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'   """   def authenticate(self, username=None, password=None):       login_valid = (settings.ADMIN_LOGIN == username)       pwd_valid = check_password(password, settings.ADMIN_PASSWORD)       if login_valid and pwd_valid:           try:               user = User.objects.get(username=username)           except User.DoesNotExist:               # Create a new user. Note that we can set password               # to anything, because it won't be checked; the password               # from settings.py will.               user = User(username=username, password='get from settings.py')               user.is_staff = True               user.is_superuser = True               user.save()           return user       return None   def get_user(self, user_id):       try:           return User.objects.get(pk=user_id)       except User.DoesNotExist:           return None
+
from django.conf import settingsfrom django.contrib.auth.models import User, check_password class SettingsBackend(object):     """     Authenticate against the settings ADMIN_LOGIN and ADMIN_PASSWORD.       Use the login name, and a hash of the password. For example:       ADMIN_LOGIN = 'admin'     ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'     """     def authenticate(self, username=None, password=None):         login_valid = (settings.ADMIN_LOGIN == username)         pwd_valid = check_password(password, settings.ADMIN_PASSWORD)         if login_valid and pwd_valid:             try:                 user = User.objects.get(username=username)             except User.DoesNotExist:                 # Create a new user. Note that we can set password                 # to anything, because it won't be checked; the password                 # from settings.py will.                 user = User(username=username, password='get from settings.py')                 user.is_staff = True                 user.is_superuser = True                 user.save()             return user         return None     def get_user(self, user_id):         try:             return User.objects.get(pk=user_id)         except User.DoesNotExist:             return None

Edição das 00h35min de 2 de outubro de 2013

Open ID

Testando o python-openid.. Acho que a partir do exemplo de servidor (https://github.com/openid/python-openid/blob/master/examples/server.py) è possivel ler num arquivo mudando a doLogin:

    def doLogin(self):
       if 'submit' in self.query:
           if 'user' in self.query:
               self.user = self.query['user']
               # Codigo para ler o arquivo e montar um objeto user on-the-fly a 
               # partir dos dados no arquivo
           else:
               self.user = None
           self.redirect(self.query['success_to'])
       elif 'cancel' in self.query:
           self.redirect(self.query['fail_to'])
       else:
           assert 0, 'strange login %r' % (self.query,)


Django Authentication Backend

Esse caminho è mais direto e possivelmente o melhor para poder atender demandas especificas. Precisa criar uma classe que implemente duas funções: get_user(user_id) and authenticate(**credentials).

get_user
  • recebe user_id que pode ser o nome do usuario o algum codigo o importante que seja a primary key do objeto User
  • retorna um objeto User
authenticate(**credentials)
  • recebe alguns argumentos por exemplo:
class MyBackend(object):
     def authenticate(self, username=None, password=None):
     # Check the username/password and return a User.        ...

Exemplo com credenciais no settings.py

from django.conf import settingsfrom django.contrib.auth.models import User, check_password class SettingsBackend(object): """ Authenticate against the settings ADMIN_LOGIN and ADMIN_PASSWORD. Use the login name, and a hash of the password. For example: ADMIN_LOGIN = 'admin' ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de' """ def authenticate(self, username=None, password=None): login_valid = (settings.ADMIN_LOGIN == username) pwd_valid = check_password(password, settings.ADMIN_PASSWORD) if login_valid and pwd_valid: try: user = User.objects.get(username=username) except User.DoesNotExist: # Create a new user. Note that we can set password # to anything, because it won't be checked; the password # from settings.py will. user = User(username=username, password='get from settings.py') user.is_staff = True user.is_superuser = True user.save() return user return None def get_user(self, user_id): try: return User.objects.get(pk=user_id) except User.DoesNotExist: return None

Ferramentas pessoais
Espaços nominais
Variantes
Ações
Navegação
Ferramentas
Rede Mocambos