多个Django应用程序，共享身份验证

本文介绍了多个Django应用程序，共享身份验证的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

这个问题的两个答案取决于分享是不同的网站或不同的子域名。第二个答案：多个Django应用程序，共享身份验证

用户访问site1并登录。如果他去了site2，那么他应该已经在该网站上登录（认证）了。

site1和site2由同一台服务器上的不同Django应用程序处理。

我得到站点可以共享包含身份验证表的数据库。我不知道会话数据是如何处理的。登录到site1后，用户进入site2。在这里他总是有request.user =AnonymousUser：AnonymousUser而不是user_id。

我已将其设置为： docs.djangoproject/en/dev/topics/db/multi-db/ ：

site1的设置包含一个包含验证模型和其他数据表的数据库。 site2的设置有2个数据库。一个有自己的数据表，也是user1使用的数据表。我基本上复制了AuthRouter类并设置了数据库路由器。

我不可能做什么？我实际上并不了解两个站点如何共享会话数据。 Django之外需要特别的东西吗？还是应该这样工作？我可以在这里列出我的代码，但是如果我对这个错误的基本思考不想混淆这个问题。

编辑：这是我的设置。我在本地主机上尝试这样做。

Site1在本地主机上运行：8080

site2在localhost上运行： 8000

SITE2 APP：

db_router.py：

$ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：：： 返回'the_ui'返回无＃写入 def allow_syncdb（self，db，model）：如果db =='the_ui '： return model._meta.app_label =='auth' elif model._meta.app_label =='auth'： return False return None class OtherRouter（object）： def db_for_read（self，model，** hints）：返回default＃相同的写，关系，syncdb

settings.py：

DATABASE_ROUTERS = ['site2_app.db_router.AuthRouter'，'site2_app $ db $ b SESSION_COOKIE_DOMAIN ='http：// localhost：8080' SESSION_ENGINE =django.contrib.sessions.backends.signed_cookies DATABASES = {'default'：{＃... }，'the_ui'：{＃... } }

SITE 1 APP：

＃no router ＃只有单个数据库，与site2中使用的the_ui相同 SESSION_ENGINE =django.contrib.sessions.backends.signed_cookies

解决方案

正如您所说，两个站点可以通过共享数据库具有相同的身份验证数据或同步各个数据库之间的Users表。

这将确保site1的任何用户将自动成为site2的成员，反之亦然。

但是，您登录site1的任何用户的要求应该自动登录到site2有点棘手。您真正需要的是单点登录（SSO）

为什么只能共享数据库（包括会话数据）无法实现这一点，是因为site2无法访问由浏览器上的site1设置的cookie，因为跨域问题。

有许多使用Django的SSO解决方案。看看这个的问题。虽然我从未使用过， Django-openid 似乎是一个很好的选择。

Two answers to this question, depending on whether sharing is across different sites or different subdomains Second answer: Multiple Django apps, shared authentication

A user goes to site1 and logs in. Now, if he goes to site2, then he should already be logged in (authenticated) at that site.

site1 and site2 are handled by different Django apps on the same sever.

I get that the sites can share the database containing the authentication tables. What I don't get is how the session data is handled. After logging in to site1, the user goes to site2. Here he always has request.user = "AnonymousUser: AnonymousUser" instead of a user_id.

I have set it up as here: docs.djangoproject/en/dev/topics/db/multi-db/ :

site1's settings has a single database that contains the auth models as well as some other data tables. site2's settings has 2 databases. One with its own data tables and also the one used by user1. I essentially copied class AuthRouter and set up the database router.

Is it not possible what I am trying to do? I don't actually understand how the two sites can share session data. Do I need something special outside of Django? Or should this work? I can include my code here, but don't want to confuse the issue if my basic thinking about this is wrong.

EDIT: here is my setup. I am trying this on localhost.

Site1 is running on localhost:8080

site2 is running on localhost:8000

SITE2 APP:

db_router.py:

class AuthRouter(object): def db_for_read(self, model, **hints): if model._meta.app_label == 'auth': return 'the_ui' return None # same for write def allow_syncdb(self, db, model): if db == 'the_ui': return model._meta.app_label == 'auth' elif model._meta.app_label == 'auth': return False return None class OtherRouter(object): def db_for_read(self, model, **hints): return "default" # same for write, relation, syncdb

settings.py:

DATABASE_ROUTERS = ['site2_app.db_router.AuthRouter', 'site2_app.db_router.OtherRouter'] SESSION_COOKIE_DOMAIN = 'localhost:8080' SESSION_ENGINE = "django.contrib.sessions.backends.signed_cookies" DATABASES = { 'default': { # ... }, 'the_ui': { # ... } }

SITE 1 APP:

# no router # only single database, same as the "the_ui" used in site2 SESSION_ENGINE = "django.contrib.sessions.backends.signed_cookies"

解决方案

As you said, the two sites can have the same authentication data by sharing the database or syncing the Users table between their respective databases.

This will ensure any user of site1 will automatically become a member of site2 and vice versa.

But your requirement of- any user who logs into site1 should get automatically logged in site2 is a bit tricky. What you really need is Single Sign On (SSO).

Why it can't be achieved by merely sharing the database (including session data) is because site2 can never gain access to a cookie set by site1 on the browser because of cross domain issues.

There are many SSO solutions using Django. Have a look at this SO question. Though I have never used it, Django-openid seems a good option.