DjangoLearning_charter11登录、退出与限制
登录
在使用authenticate进行验证后,如果验证通过,那么会返回一个user对象,拿到后可以通过django内置的登录验证系统
路径:from django.contrib.auth import login
1、生成项目与配置settings
- 安装app
- 添加模板存储位置
- 添加User模型 变量AUTH_USER_MODEL
2、创建模型和objects
from django.db import models from django.contrib.auth.models import AbstractUser, BaseUserManager, PermissionsMixin, AbstractBaseUser class UserManager(BaseUserManager): def _create_user(self, telephone, password, username=None, **kwargs): if not telephone or not password: raise ValueError('The given telephone or password must be set') user = self.model(telephone=telephone, username=username, **kwargs) user.set_password(password) user.save() return user def create_user(self, telephone, password, username=None, **kwargs): kwargs['is_superuser'] = False return self._create_user(telephone=telephone, password=password, username=username, **kwargs) def create_superuser(self, telephone, password, username=None, **kwargs): kwargs['is_superuser'] = True return self._create_user(telephone=telephone, password=password, username=username, **kwargs) class User(AbstractUser): telephone = models.CharField(max_length=11, unique=True) school = models.CharField(max_length=100) USERNAME_FIELD = 'telephone' objects = UserManager()
3、创建表单类
在MODELFORM的fields中或者不再extends中的字段,如果它的unique是True, 那么会默认验证表单提交上来的数据是否在数据库存在, 如存在即报错
from django import forms from django.contrib.auth import get_user_model
class LoginForm(forms.ModelForm):
remember = forms.IntegerField()
telephone = forms.CharField(max_length=11)
class Meta:
model = get_user_model()
# fields = ['telephone', 'password']
fields = ['password']
4、视图类:
from django.views import View from django.contrib.auth import login class LoginView(View): def get(self, request): form = LoginForm() return render(request, 'login.html', context={'form': form}) def post(self, request): form = LoginForm(request.POST) if form.is_valid(): telephone = form.cleaned_data.get('telephone') password = form.cleaned_data.get('password') remember = form.cleaned_data.get('remember') user = authenticate(request, username=telephone, password=password) if user and user.is_active: login(request, user=user) if remember: request.session.set_expiry(None) else: request.session.set_expiry(0) return HttpResponse('登陆成功') else: return HttpResponse('用户名或密码错误') else: print(form.errors) return redirect(reverse('login'))
注销
退出登录, 可以通过django.contrib.auth.logout来实现, 会清理掉这个用户的session数据
from django.contrib.auth import logout def logout_view(request): logout(request) return HttpResponse('登出')
登录限制
有时候, 存在一些视图是登录后才可以访问, 比如个人空间,可以通过django.contrib.auth.decorators.login_required装饰器来实现
login_url:修改默认的登录url
“http://127.0.0.1:8000/login/?next=/profile/”:因包含了next参数, 因此登录后会自动跳转到profile页面, 用户体验好
from django.contrib.auth.decorators import login_required @ login_required(login_url='/login/') def my_profile(request): return HttpResponse('这里是个人主页, 只有登录才能看见')
但是并未完成跳转,因为我们自定义的视图函数只返回登陆成功, 而未包含跳转。修改视图函数即可
注意点:因next_url已经为url ,因此不需要用reverse进行反转,否则会报错
# 原视图函数的返回值 return HttpResponse('登陆成功')
# 修改为如下
next_url = request.GET.get('next')
if next_url:
return redirect(next_url)
# return redirect(reverse(next_url))
else:
return HttpResponse('登陆成功')
浙公网安备 33010602011771号