> Try to write my own backend authenticate function, but users from
> anothe table can not login. What can it be? Any suggestions?
I hope somebody use custom backend authentication? Please, do not
ignore my letters. :)
Each function in view may have auth atttribute with an list of permission test functions, and 99% of functions in views.py have ones.
For example:
view.auth = [check_is_admin, check_is_manager]
My AuthMiddleware (I'm used some code from djando 0.91 distribution as base when start implementing this) executed each function in list and check if one returned True. Otherwise it redirected to login page. It would be better to use decorators, but I feel too lazy to rewrite all code :-)
Here my middleware/auth.py:
from django.http import HttpResponseRedirect
from django.core.exceptions import ObjectDoesNotExist
import re
from myinet.settings import ROOT_URL
from myinet.users.models import User, SESSION_KEY
from myinet.libs import debug
LOGIN_URL = ROOT_URL + '/users/login/'
LOGIN_URL = re.sub('/+', '/', LOGIN_URL)
def get_muser(request):
muser = User()
if not hasattr(request, 'user'):
try:
user_id = request.session[SESSION_KEY]
if not user_id:
raise ValueError
muser = User.objects.filter(pk=user_id).exclude(disabled__exact=True).get()
except (AttributeError, KeyError, ValueError, ObjectDoesNotExist), e:
muser = User()
return muser
class AuthMiddleware(object):
def process_view(self, request, view_func, view_args, view_kwargs):
from myinet.users.views import login
# Refresh muser attribute of request object
request.__class__.muser = get_muser(request)
if id(view_func) == id(login):
# Do not break login process
return None
acls = getattr(view_func, 'auth', None)
# Function does not have permissions - assume it world accessable
if acls is None: return None
for check_func in acls:
if check_func(request.__class__.muser, **view_kwargs):
return None
new_url = LOGIN_URL + '?url=' + request.path
return HttpResponseRedirect(new_url)
--
Andrew Degtiariov
DA-RIPE
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---