Django 2 中的 Django OAuth Toolkit 中间件放在哪里?
Where to put Django OAuth Toolkit middleware in Django 2?
我正在尝试学习有关 Django OAuth 工具包的教程:https://django-oauth-toolkit.readthedocs.io/en/latest/tutorial/tutorial_03.html。说明说要更新 de MIDDLEWARE
如下:
MIDDLEWARE = (
'...',
# If you use SessionAuthenticationMiddleware, be sure it appears before OAuth2TokenMiddleware.
# SessionAuthenticationMiddleware is NOT required for using django-oauth-toolkit.
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'oauth2_provider.middleware.OAuth2TokenMiddleware',
'...',
)
但是,在我当前使用 Django 2.0.1 中的 startproject
生成的项目中,我同时看到了 SessionMiddleware
和 AuthenticationMiddleware
,但没有看到 SessionAuthenticationMiddleware
:
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
# 'oauth2_provider.middleware.OAuth2TokenMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
我应该把 OAuth2TokenMiddleware
放在哪里?在注释掉的行 AuthenticationMiddleware
之后?
SessionAuthenticationMiddleware class 已删除 - 会话身份验证在 1.10 中无条件启用。
(参见:https://docs.djangoproject.com/en/2.0/releases/2.0/#miscellaneous)
即是的,它应该在 AuthenticationMiddleware
之后
我正在尝试学习有关 Django OAuth 工具包的教程:https://django-oauth-toolkit.readthedocs.io/en/latest/tutorial/tutorial_03.html。说明说要更新 de MIDDLEWARE
如下:
MIDDLEWARE = (
'...',
# If you use SessionAuthenticationMiddleware, be sure it appears before OAuth2TokenMiddleware.
# SessionAuthenticationMiddleware is NOT required for using django-oauth-toolkit.
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'oauth2_provider.middleware.OAuth2TokenMiddleware',
'...',
)
但是,在我当前使用 Django 2.0.1 中的 startproject
生成的项目中,我同时看到了 SessionMiddleware
和 AuthenticationMiddleware
,但没有看到 SessionAuthenticationMiddleware
:
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
# 'oauth2_provider.middleware.OAuth2TokenMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
我应该把 OAuth2TokenMiddleware
放在哪里?在注释掉的行 AuthenticationMiddleware
之后?
SessionAuthenticationMiddleware class 已删除 - 会话身份验证在 1.10 中无条件启用。
(参见:https://docs.djangoproject.com/en/2.0/releases/2.0/#miscellaneous)
即是的,它应该在 AuthenticationMiddleware
之后