当前位置: 动力学知识库 > 问答 > 编程问答 >

How to manually authenticate after get django user?

问题描述:

Im writing a facebook-connect app that login user after authenticate session on facebook, question is how can i authenticate user on django after get user object?

user = User.objects.get(email=email)

user = authenticate(username=user.username, password=user.password)

login(request, user)

Is there another way to achieve this ?

网友答案:

You don't actually need to authenticate() first if you do this (but I didn't tell you!):

user.backend = 'django.contrib.auth.backends.ModelBackend'

login(request, user)

网友答案:

There are two things you should look at and be aware of based on your question and example.

First, the way you handle alternate authentication methods (e.g. facebook oauth) are authentication backends. You can look at djangopackages.com for existing options or write your own. The backend(s) you have configured are what will define what parameters authenticate() is expecting to receive (e.g. a facebook backend wouldn't expect a password as a password doesn't make sense in that context).

Second, doing user.password won't get you the user's actual password. As a security measure, Django stores passwords as salted one-way hashes. This means that, by design, you cannot determine a user's password based on what is stored in the database.

网友答案:

authenticate() and login() each provide different tasks, and both (or the equivalent pulled from the Django code and updated for each version of Django) are required in order to log a user in.

分享给朋友:
您可能感兴趣的文章:
随机阅读: