{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Fickle 薄情 的问题《Django + Backbone: underscore template for login /》','https://www.manongdao.com/q-1080574.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am building a SPA using Django and Backbone. Until now most of my templates have been on the Django side, but I'm now moving to templating with Backbone/Underscore. The only thing I'm unsure about is how to manage page reload with respect to authentication.
I do not have a separate login page, but rather a dropdown login form on the app's menu bar (a Bootstrap navbar), which makes $.ajax requests for login/out actions. I want to keep the app interface publicly available, and only render certain components (load, save, export buttons) when a user is logged in, hiding them when logged out. A page reload obviously has to be aware of whether the user is logged in or not. This is how I'm managing it in my Django template:
<nav class="navbar navbar-default navbar-fixed-top">
<div class="container">
<!-- Menu left -->
<ul class="nav navbar-nav">
<!-- li components... -->
</ul>
<!-- Menu right -->
<ul class="nav navbar-nav pull-right" id="navbar-right">
{% if user.is_authenticated %}
<!-- If user is logged in render 'My Account' and 'Logout' components -->
<li id='menu-account'><a href='#'>My Account</a></li>
<li id='menu-logout'><a href='#'>Logout</a></li>
{% else %}
<!-- If logged out render the login form -->
<li id="menu-register"><a href="#">Register</a></li>
<li class="dropdown" id="menu-login">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false" id="nav-login">Login</a>
<div class="dropdown-menu pull-right">
<form role="form" id="form-login" action="login/" method="POST">
<input class="form-control" name="username" id="username" placeholder="Username" type="text"><br>
<input class="form-control" name="password" id="password" placeholder="Password" type="password"><br>
<button type="submit" id="btn-login" class="btn btn-default">Login</button>
</form>
</div>
</li>
{% endif %}
</ul>
</div>
</nav>
This works very nicely, with the Django template tags taking care of the conditional rendering. An underscore version likely wouldn't look much different, but how do I determine whether the user is logged in/out from the client side? I'm thinking of just adding a response header for this, but is there a built-in Django way of doing it? I've looked at the login_required view decorator, but that seems to require a redirect for when the user is logged out.
You can manage authentication through tokens.
In Account model you have methods for login and logout. In login method you pass username, and password params as a data to make request:
After request is finished we get promise callback where we get token and set it to localStorage.authToken data. Now we can have another method for checking user for authentication.
And if you want to make logout to work, just delete authToken from localStorage:
In request header you can have authorization through token or username/password combination. In your app.js we can override Backbone.sync method to inject Authorization header, so all of Backbone sync calls are authorized by default.
This is example of Token authentication - user enter his username and password in order to obtain a token. Token in stored on client-side (localStorage). So whole logic is to check if we have authToken property. Maybe this can guide you to right solution.