python Google App Engine : Webapp2 : Authentication

Question

我正在为我的一个项目使用自定义用户帐户，并使用webapp2提供的用户模型和身份验证。每件事都运行得很好，但我被困在身份验证不成功的地方。

例如：

#imports
from webapp2_extras.appengine.auth.models import User

class LoginHandler(SomeBaseRequestHandler):
  def get(self):
  '''self code goes in here'''

  def post(self):
    auth_id = 'authentication:id'
    password = 'somepassword'

    user = User.get_by_auth_password(authid, password)
    if user:
      # code to set a session and redirect to homepage
    else:
      # append error list and render a template

我可以登录用户，但是，如果用户提供了错误的用户名或密码，就会出现问题。如果用户提供了任何错误的凭据，则会引发服务器端错误。

Traceback (most recent call last):
File "/opt/google_appengine_1.6.4/lib/webapp2/webapp2.py", line 1536, in __call__
rv = self.handle_exception(request, response, e)
File "/opt/google_appengine_1.6.4/lib/webapp2/webapp2.py", line 1530, in __call__
rv = self.router.dispatch(request, response)
File "/opt/google_appengine_1.6.4/lib/webapp2/webapp2.py", line 1278, in default_dispatcher
return route.handler_adapter(request, response)
File "/opt/google_appengine_1.6.4/lib/webapp2/webapp2.py", line 1102, in __call__
return handler.dispatch()
File "/home/tigerstyle/orbit/orbit/orbit/handlers.py", line 36, in dispatch
webapp2.RequestHandler.dispatch(self)
File "/opt/google_appengine_1.6.4/lib/webapp2/webapp2.py", line 572, in dispatch
return self.handle_exception(e, self.app.debug)
File "/opt/google_appengine_1.6.4/lib/webapp2/webapp2.py", line 570, in dispatch
return method(*args, **kwargs)
File "/home/tigerstyle/orbit/orbit/orbit/handlers.py", line 239, in post
user = User.get_by_auth_password(auth_id, password)
File "/opt/google_appengine_1.6.4/lib/webapp2/webapp2_extras/appengine/auth/models.py",    line 301, in get_by_auth_password
raise auth.InvalidPasswordError()
InvalidPasswordError

Answer 1

您可以使用try / except控制您的登录流：

def post(self):
  """
  username: Get the username from POST dict
  password: Get the password from POST dict
  """
  username = self.request.POST.get('username')
  password = self.request.POST.get('password')
  # Try to login user with password
  # Raises InvalidAuthIdError if user is not found
  # Raises InvalidPasswordError if provided password doesn't match with specified user
  try:
    self.auth.get_user_by_password(username, password)
    self.redirect('/secure')
  except (InvalidAuthIdError, InvalidPasswordError), e:
    # Returns error message to self.response.write in the BaseHandler.dispatcher
    # Currently no message is attached to the exceptions
    return e