如果想绕过django的后台数据库实现第三方认证的登陆,就要重写一个处理验证的后端了:

from django.contrib.auth.models import User

class MyCustomBackend:

    def authenticate(self, username=None, password=None):
        if True:
            try:
                user = User.objects.get(username=username)
            except User.DoesNotExist:
                user = User(username=username, password='')
                #user.is_staff = True
                #user.is_superuser = True
                user.save()
            return user
        return None

    def get_user(self, user_id):
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None

然后在settings.py中加入:

AUTHENTICATION_BACKENDS = (
'path.to.MyCustomBackend', 
)

以上便可以实现任意用户,任意密码登陆,不过还是不能完全摆脱django的User数据库的......

ref:

https://docs.djangoproject.com/en/dev/topics/auth/#handling-authorization-in-custom-backends

http://www.djangorocks.com/tutorials/creating-a-custom-authentication-backend.html