【发布时间】:2011-07-05 04:56:15
【问题描述】:
当用户登录时,他提供了他的姓名和原始密码,这些密码经过哈希处理并与 db 的值进行比较。
def login(request):
username = request.POST['username']
password = request.POST['password']
user = auth.authenticate(username=username, password=password)
if user is not None and user.is_active:
# user is active
auth.login(request, user)
# relink to right page
return HttpResponseRedirect("/account/loggedin/")
else:
# error page
return HttpResponseRedirect("/account/invalid/")
或者我可以使用:
@login_required
def index(request):
if request.user.is_authenticated():
return render_to_response('polls/index.html', {'sessionDic' : request.session})
else:
#some stuff
问题是:一旦用户登录,以下请求仅包含经过检查的 cookie,用户无需再次输入其凭据。
但是,我需要在每种方法中的 View 中都有原始用户密码才能登录 linux 用户并以该用户身份执行一些 linux 程序。例如su程序用于切换ritgh linux用户:
def ssh_command (user, password, command):
child = pexpect.spawn('su -l %s -c \'%s\'' % (user, command))
i = child.expect([pexpect.TIMEOUT, pexpect.EOF, 'Password: '])
if i == 0: # Timeout
print 'ERROR!'
print 'su can\'t be executed:'
print child.before, child.after
return None
if i == 1: # EOF
print 'ERROR'
print 'EOF error'
print child.before, child.after
return None
child.sendline(password)
return child
def main ():
user = 'test'
password = 'test'
child = ssh_command (user, password, 'curl habrahabr.ru | wc -c')
child.expect(pexpect.EOF)
print child.before
print child.after
print child.match
如何存储原始用户密码并将其替换为所需的功能?
【问题讨论】: