def verify(self):
    """Report whether the requesting user has passed verification.

    Returns True when ``request.user.is_verified()`` is truthy and False
    otherwise. When the requester is additionally not authenticated, the
    ``user_login_failed`` signal is sent first so that any connected
    receivers see the failed attempt.
    """
    current_user = self.request.user
    if current_user.is_verified():
        return True

    if not current_user.is_authenticated:
        # Only the submitted username goes into the signal payload.
        attempted = {'username': self.cleaned_data['username']}
        user_login_failed.send(
            sender=current_user,
            request=self.request,
            credentials=attempted,
        )

    return False
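def authenticate(request, **credentials):
    """
    Override of the authenticate helper that reports ``(flag, user)``.

    Backends used here must return a ``(flag, user)`` pair from their
    ``authenticate`` method rather than a bare user object.

    * A backend whose ``authenticate`` signature cannot accept ``request``
      plus ``credentials`` is skipped.
    * The first backend that accepts the call decides the outcome; no later
      backend is consulted, whether it succeeded or not.
    * On a falsy ``flag`` the ``user_login_failed`` signal is sent with the
      credentials passed through ``_clean_credentials`` and the pair is
      returned unchanged.
    * On success the user is annotated with the backend's dotted path.

    Returns ``None`` (not a pair) when no backend accepts the credentials.
    """
    for backend, backend_path in _get_backends(return_tuples=True):
        # signature().bind() replaces the deprecated inspect.getcallargs();
        # both raise TypeError when the arguments do not fit the callable.
        try:
            inspect.signature(backend.authenticate).bind(request, **credentials)
        except TypeError:
            # This backend does not take these credentials; try the next one.
            continue

        flag, user = backend.authenticate(request, **credentials)
        if not flag:
            user_login_failed.send(sender=__name__, credentials=_clean_credentials(credentials), request=request)
            return flag, user

        # Record which backend vouched for this user.
        user.backend = backend_path
        return flag, user

    # NOTE(review): falling through returns None and sends no
    # user_login_failed, so a caller that unpacks the result would raise and
    # the attempt goes unsignalled. Confirm that callers handle this case.
    return None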
def authenticate(request=None, **credentials):
    """
    If the given credentials are valid, return a User object.

    Backends are filtered through ``check_backend_can_auth`` so that only
    those permitted for the account are consulted. A ``PermissionDenied``
    raised by a backend stops the search. When no backend yields a permitted
    user, ``user_login_failed`` is sent with credentials passed through
    ``_clean_credentials`` and the function returns ``None`` implicitly.
    """
    username = credentials.get('username')
    # presumably None when the username is missing or unknown; verify against
    # User.get_user_allowed_auth_backends
    allowed_auth_backends = User.get_user_allowed_auth_backends(username)

    for backend, backend_path in _get_backends(return_tuples=True):
        # Pre-check so no time is spent authenticating against a backend that
        # is not allowed.
        if not check_backend_can_auth(username, backend_path, allowed_auth_backends):
            continue

        backend_signature = inspect.signature(backend.authenticate)
        try:
            backend_signature.bind(request, **credentials)
        except TypeError:
            # This backend doesn't accept these credentials as arguments. Try the next one.
            continue
        try:
            user = backend.authenticate(request, **credentials)
        except PermissionDenied:
            # This backend says to stop in our tracks - this user should not be allowed in at all.
            break
        if user is None:
            continue

        # If it is None, the allow-list has not been checked yet, so check again.
        if allowed_auth_backends is None:
            # Some authentication calls carry no username in their parameters,
            # so the check has to be repeated once the user is known.
            # NOTE(review): the list resolved here is reused for the remaining
            # backends in this call; confirm a later backend cannot resolve a
            # different user against it.
            allowed_auth_backends = user.get_allowed_auth_backends()
            if not check_backend_can_auth(user.username, backend_path, allowed_auth_backends):
                continue

        # Annotate the user object with the path of the backend.
        user.backend = backend_path
        return user

    # The credentials supplied are invalid to all backends, fire signal
    user_login_failed.send(sender=__name__, credentials=_clean_credentials(credentials), request=request)
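def get_auth_user(**credentials):
    """
    Look up a user by natural key without verifying a password.

    No secret is checked here: the returned user has been identified, not
    authenticated. ``backend.authenticate`` is never called; each backend is
    used only to probe whether its signature accepts ``credentials`` and to
    label the returned user with a dotted backend path.
    NOTE(review): callers must have established the identity by other means
    before treating the result as a login. Confirm at each call site.

    Returns the user, or ``None`` when ``PermissionDenied`` is raised during
    the lookup or when no backend produces a user. In the latter case
    ``user_login_failed`` is sent with credentials passed through
    ``_clean_credentials``.
    """
    for backend in get_backends():
        # signature().bind() replaces the deprecated inspect.getcallargs();
        # both raise TypeError when the arguments do not fit the callable.
        try:
            inspect.signature(backend.authenticate).bind(**credentials)
        except TypeError:
            continue

        try:
            UserModel = get_user_model()
            # NOTE(review): a manager that raises DoesNotExist for an unknown
            # key would propagate that exception from here, skipping the
            # user_login_failed signal below. Confirm the intended handling.
            user = UserModel._default_manager.get_by_natural_key(**credentials)
        except PermissionDenied:
            return None
        if user is None:
            continue

        user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
        return user

    user_login_failed.send(sender=__name__, credentials=_clean_credentials(credentials))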
def authenticate(request=None, **credentials):
    """
    If the given credentials are valid, return a User object.

    This is a hacked variant of authenticate (the original note explaining
    why was left unfinished). Each backend is asked, through
    ``username_allow_authenticate`` and ``user_allow_authenticate``, whether
    the account may use it. A ``PermissionDenied`` raised by a backend stops
    the search. When no backend yields a permitted user,
    ``user_login_failed`` is sent with credentials passed through
    ``_clean_credentials`` and the function returns ``None`` implicitly.
    """
    # None when the credentials carry no 'username' key.
    username = credentials.get('username')
    for backend, backend_path in _get_backends(return_tuples=True):
        # Check whether the username is allowed to authenticate (pre-check, so
        # no time is spent authenticating against a backend that is not allowed).
        logger.info('Try using auth backend: {}'.format(str(backend)))
        if not backend.username_allow_authenticate(username):
            continue

        # Original (unmodified) logic from here on.
        backend_signature = inspect.signature(backend.authenticate)
        try:
            backend_signature.bind(request, **credentials)
        except TypeError:
            # This backend doesn't accept these credentials as arguments. Try the next one.
            continue
        try:
            user = backend.authenticate(request, **credentials)
        except PermissionDenied:
            # This backend says to stop in our tracks - this user should not be allowed in at all.
            break
        if user is None:
            continue

        # Check whether the resolved user is allowed to authenticate with this backend.
        if not backend.user_allow_authenticate(user):
            continue

        # Annotate the user object with the path of the backend.
        user.backend = backend_path
        return user

    # The credentials supplied are invalid to all backends, fire signal
    user_login_failed.send(sender=__name__, credentials=_clean_credentials(credentials), request=request)
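def validate(self, attrs):
    """
    Check the submitted fields, authenticate, and attach the user to ``attrs``.

    Raises ``exceptions.ValidationError`` when a required field is missing,
    when authentication fails, when the account is not active, or when it is
    disabled. On success ``user_logged_in`` is sent, ``attrs['user']`` is set
    and ``attrs`` is returned.
    """
    for key in self.fields:
        if key not in attrs and self.fields[key].required:
            # Translate the template first, then interpolate: formatting
            # inside _() produces a msgid that no catalog can contain.
            msg = _('Must include %s.') % (key, )
            raise exceptions.ValidationError(msg)

    user = authenticate(**attrs)
    if not user:
        # attrs still holds the submitted secret. Mask sensitive-looking keys
        # so signal receivers never see it in clear text.
        sensitive_markers = ('api', 'token', 'key', 'secret', 'password', 'signature')
        masked_credentials = {
            name: (
                '********************'
                if any(marker in str(name).lower() for marker in sensitive_markers)
                else value
            )
            for name, value in attrs.items()
        }
        # user is falsy here, so the sender is its class, as in the original.
        user_login_failed.send(sender=user.__class__, credentials=masked_credentials)
        msg = _('Unable to log in with provided credentials.')
        raise exceptions.ValidationError(msg)

    if not user.is_active:
        # NOTE(review): this reply confirms the credentials were valid and
        # exposes the internal user id. Confirm that is intended.
        msg = {
            'msg': 'User account is not activated.',
            'id_user': user.id
        }
        raise exceptions.ValidationError(msg)
    if user.is_disabled:
        raise exceptions.ValidationError(
            _('Your account have been disabled.'))

    user_logged_in.send(sender=user.__class__, user=user)
    attrs['user'] = user
    return attrs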