def verify(self):
if self.request.user.is_verified():
return True
if not self.request.user.is_authenticated:
user_login_failed.send(
sender=self.request.user,
request=self.request,
credentials={
'username': self.cleaned_data['username']
}
)
return False
def authenticate(request, **credentials):
"""
重写authenticate方法
"""
for backend, backend_path in _get_backends(return_tuples=True):
try:
inspect.getcallargs(backend.authenticate, request, **credentials)
except TypeError:
continue
flag, user = backend.authenticate(request, **credentials)
if not flag:
user_login_failed.send(sender=__name__,
credentials=_clean_credentials(credentials),
request=request)
return flag, user
user.backend = backend_path
return flag, user
def authenticate(request=None, **credentials):
"""
If the given credentials are valid, return a User object.
"""
username = credentials.get('username')
allowed_auth_backends = User.get_user_allowed_auth_backends(username)
for backend, backend_path in _get_backends(return_tuples=True):
# 预先检查,不浪费认证时间
if not check_backend_can_auth(username, backend_path,
allowed_auth_backends):
continue
backend_signature = inspect.signature(backend.authenticate)
try:
backend_signature.bind(request, **credentials)
except TypeError:
# This backend doesn't accept these credentials as arguments. Try the next one.
continue
try:
user = backend.authenticate(request, **credentials)
except PermissionDenied:
# This backend says to stop in our tracks - this user should not be allowed in at all.
break
if user is None:
continue
# 如果是 None, 证明没有检查过, 需要再次检查
if allowed_auth_backends is None:
# 有些 authentication 参数中不带 username, 之后还要再检查
allowed_auth_backends = user.get_allowed_auth_backends()
if not check_backend_can_auth(user.username, backend_path,
allowed_auth_backends):
continue
# Annotate the user object with the path of the backend.
user.backend = backend_path
return user
# The credentials supplied are invalid to all backends, fire signal
user_login_failed.send(sender=__name__,
credentials=_clean_credentials(credentials),
request=request)
def get_auth_user(**credentials):
"""
不需要密码的验证
"""
for backend in get_backends():
try:
inspect.getcallargs(backend.authenticate, **credentials)
except TypeError:
continue
try:
UserModel = get_user_model()
user = UserModel._default_manager.get_by_natural_key(**credentials)
except PermissionDenied:
return None
if user is None:
continue
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
return user
user_login_failed.send(sender=__name__,
credentials=_clean_credentials(credentials))
def authenticate(request=None, **credentials):
"""
If the given credentials are valid, return a User object.
之所以 hack 这个 auticate
"""
username = credentials.get('username')
for backend, backend_path in _get_backends(return_tuples=True):
# 检查用户名是否允许认证 (预先检查,不浪费认证时间)
logger.info('Try using auth backend: {}'.format(str(backend)))
if not backend.username_allow_authenticate(username):
continue
# 原生
backend_signature = inspect.signature(backend.authenticate)
try:
backend_signature.bind(request, **credentials)
except TypeError:
# This backend doesn't accept these credentials as arguments. Try the next one.
continue
try:
user = backend.authenticate(request, **credentials)
except PermissionDenied:
# This backend says to stop in our tracks - this user should not be allowed in at all.
break
if user is None:
continue
# 检查用户是否允许认证
if not backend.user_allow_authenticate(user):
continue
# Annotate the user object with the path of the backend.
user.backend = backend_path
return user
# The credentials supplied are invalid to all backends, fire signal
user_login_failed.send(sender=__name__,
credentials=_clean_credentials(credentials),
request=request)
def validate(self, attrs):
for key in self.fields:
if key not in attrs and self.fields[key].required:
msg = _('Must include %s.' % (key, ))
raise exceptions.ValidationError(msg)
user = authenticate(**attrs)
if user:
if not user.is_active:
msg = {
'msg': 'User account is not activated.',
'id_user': user.id
}
raise exceptions.ValidationError(msg)
if user.is_disabled:
raise exceptions.ValidationError(
_('Your account have been disabled.'))
else:
user_login_failed.send(sender=user.__class__, credentials=attrs)
msg = _('Unable to log in with provided credentials.')
raise exceptions.ValidationError(msg)
user_logged_in.send(sender=user.__class__, user=user)
attrs['user'] = user
return attrs