Python程式設計：Django中間件實作登陸驗證

Django

請求處理圖

當然可以使用裝飾器，不過不利于維護，還是妥妥的使用中間件

設定 

setting.py

MIDDLEWARE = [
    'mymiddlewares.AccessAuthMiddleWare',
]

# 放行url，不進行登入驗證
EXCLUDE_URL = [
    "/login"
]

# 使用者名密碼
USERS = [
    ("username", "password")
]      

自定義 

mymiddleware.py

import re
from django.shortcuts import redirect
from django.utils.deprecation import MiddlewareMixin
from settings import EXCLUDE_URL, USERS


exclued_path = [re.compile(item) for item in EXCLUDE_URL]


class AccessAuthMiddleWare(MiddlewareMixin):
    """
    通路控制
    """

    def process_request(self, request):
        # 放行
        url_path = request.path
        for each in exclued_path:
            if re.match(each, url_path):
                return None

        # 驗證
        user = request.COOKIES.get('user')
        password = request.COOKIES.get('password')
        if (user, password) in USERS:
            return None
        else:
            return redirect('/login')
      

參考

Django+中間件+登陸驗證