10.Django用戶認證組件
阿新 • • 發佈:2018-06-08
htm ews let end pytho 對象 登錄 The In
用戶認證組件:
功能:用session記錄登錄驗證狀態;
前提:用戶表,django自帶的auth_user
創建超級用戶:python manage.py createsuperuser kris的密碼是abc123456
基於用戶認證組件的登錄驗證信息儲存
views.py
from django.shortcuts import render, HttpResponse, redirect # Create your views here. from django.contrib import auth #from django.contrib.auth.models import User #自己找到那個接口做校驗def login(request): if request.method =="POST": user = request.POST.get("user") pwd = request.POST.get("pwd") #if 驗證成功返回user對象,否則返回None user = auth.authenticate(username=user,password=pwd) if user: auth.login(request,user) #request.user:當前登錄對象return redirect("/index/") return render(request, "login.html") def index(request): print("request.user:", request.user.username) print("request.user:", request.user.id) print("request.user:", request.user.is_anonymous) if request.user.is_anonymous:return redirect("/login/") #username = request.user.username #return render(request, "index.html",{"username":username}) return render(request, "index.html")
login.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <form action="" method="post"> {% csrf_token %} 用戶名<input type="text" name="user"> 密碼<input type="text" name="pwd"> <input type="submit" value="submit"> </form> </body> </html>
index.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> {#<h3> Hello {{ username }}</h3> 可以不給它傳值,request.user為全局#} <h3>Hello {{ request.user.username }}</h3> </body> </html>
創建用戶kris 和 alex
C:\Users\Administrator\PycharmProjects\authDemo>python manage.py createsuperuser Username (leave blank to use ‘administrator‘): alex Email address: Password:alex1234 Password (again):alex1234 Superuser created successfully.
更新的時候它不像之前那樣子,它把session_key 和session_data數據都更新了,之前都是只更新session_data,現在邏輯跟嚴謹了。
註冊/註銷用戶功能
views.py
def logout(request): auth.logout(request) return redirect("/login/") def reg(request): if request.method=="POST": user = request.POST.get("user") pwd = request.POST.get("pwd") user = User.objects.create_user(username=user,password=pwd) return redirect("/login/") return render(request,"reg.html")
reg.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <h3>註冊</h3> <form action="" method="post"> {% csrf_token %} 用戶名<input type="text" name="user"> 密碼<input type="text" name="pwd"> <input type="submit" value="submit"> </form> </body> </html>
用戶認證組件: 功能:用session記錄登錄驗證狀態; 前提:用戶表,django自帶的auth_user 創建超級用戶:python manage.py createsuperuser kris的密碼是abc123456 API from django.contrib import auth 1 if 驗證成功返回user對象,否則返回None user = auth.authenticate(username=user,password=pwd) 2 auth.login(request,user) #request.user:當前登錄對象 3 auth.logout(request) from django.contrib.auth.models import User #User==auth_user 4 request.user.is_authenticated: 5 user=User.objects.create_user(username=‘‘,password=‘‘,email=‘‘) 補充: 匿名用戶對象 匿名用戶 class models.AnonymousUser django.contrib.auth.models.AnonymousUser 類實現了django.contrib.auth.models.User 接口,但具有下面幾個不同點: id 永遠為None。 username 永遠為空字符串。 get_username() 永遠返回空字符串。 is_staff 和 is_superuser 永遠為False。 is_active 永遠為 False。 groups 和 user_permissions 永遠為空。 is_anonymous() 返回True 而不是False。 is_authenticated() 返回False 而不是True。 set_password()、check_password()、save() 和delete() 引發 NotImplementedError。 New in Django 1.8: 新增 AnonymousUser.get_username() 以更好地模擬 django.contrib.auth.models.User。 總結: if not:auth.login(request,user) request.user == AnonymousUser() else:request.user==登錄對象 request.user是一個全局變量 在任何視圖和模板中直接使用
10.Django用戶認證組件