Django auth权限和login_required用法

创建超级管理员命令

python manage.py createsuperuser --username hello

　

检查和校验用户

 

from django.contrib import auth


def demo(request):
  print(request.user) # 默认匿名用户对象 AnonymousUser
  print(request.user.id) # None
  print(request.user.username) # ""
  print(request.user.is_active) # False

#authenticate去auth_user查询记录，查询成功返回用户对象，查询失败返回None
user_obj = auth.authenticate(username=hello, password=1234)

# 保存用户状态信息(保存到session中)
auth.login(request, user_obj) 
# 退出登录
auth.logout(request)


@login_required(login_url='/login/') #判断ruquest.user中是否有对象,没有跳转到/login/
def index(request):
 return render(request, "index.html", locals())


#修改密码用set_password(密码被加密)
user=User.objects.get(username=request.user.username)
user.set_password(raw_password="666")
user.save()

 

 

#login_required 这个装饰器
#第二种配置方法settings中添加

LOGIN_URL="/login/"

 

 

#判断用户是否登录
     if request.user.is_authenticated:
            print(request.user.is_authenticated)