关于django的auth模块快速配置

话不多说，我们来快速配置一个django的auth模块

auth模块的功能：进行验证登录，注销，更改密码，保存登陆状态,判断登陆状态

命令相关:

1. 创建超级用户
    
        python manage.py createsuperuser
        
    2. 认证  校验用户名和密码
        obj = auth.authenticate(request,username,password)
        认证成功返回 对象
                失败  None
                
    3. 保存登录状态   记录到session
        login(request, user)
        
    4. 注销        删除session
        logout(request)
        
    5. 判断登录状态
        request.user.is_authenticated()
        
    6. 创建用户
        from django.contrib.auth.models import User
        # 密码是明文的
        User.objects.create(username=username,password=password)
        
        # 密码是密文的 普通用户
        User.objects.create_user(**form_obj.cleaned_data)
        
         # 创建超级用户
        User.objects.create_superuser(email='',**form_obj.cleaned_data)
        
    7. 密码相关
        # 检验密码
        request.user.check_password('root1234')
        # 设置密码
        request.user.set_password('admin1234')
        request.user.save()

补充:django自带的用户字段有时不满足我们的需求,这时候需要我们进行自定义

自定义步骤:

　　1 在settings.py中声明user表 :AUTH_USER_MODEL = "app01.UserInfo"

　　2 在models中导入: from django.contrib.auth.models import AbstractUser

　　3 创建model,只需要声明额外添加的字段:　　

class UserInfo(AbstractUser):
    phone = models.CharField(max_length=11)

配置完成:案例

from django.shortcuts import render, redirect
from django.contrib import auth
from django.contrib.auth.decorators import login_required
from app01.forms import RegForm
from django.contrib.auth.models import User,AbstractUser
from app01.models import UserInfo


def login(request):
    if request.method == 'POST':
        # 方法一
        username = request.POST.get('username')
        password = request.POST.get('password')
        obj = auth.authenticate(request, username=username, password=password)
        # 方法二
        # request.POST.pop('csrfmiddlewaretoken')
        # obj = auth.authenticate(request, **request.POST)
        # print(obj)
        if obj:
            # 记录登录状态
            auth.login(request, obj)

            next = request.GET.get('next')

            if next:
                return redirect(next)
            return redirect('/index/')

    # 返回登录页面
    return render(request, 'login.html')


@login_required
def index(request):
    # 登录状态
    # print(request.user.is_authenticated())

    print(request.user.password)

    if request.user.check_password('root1234'):

        request.user.set_password('admin1234')
        request.user.save()
    return render(request, 'index.html')


# 注销
def logout(request):
    auth.logout(request)

    return redirect('/login/')


def reg(request):
    form_obj = RegForm()

    if request.method == 'POST':
        form_obj = RegForm(request.POST)
        if form_obj.is_valid():
            # 数据库操作
            # username = form_obj.cleaned_data.get('username')
            # password = form_obj.cleaned_data.get('password')
            #
            # UserInfo.objects.create(username=username,password=password)

            form_obj.cleaned_data.pop('re_password')
            UserInfo.objects.create_user(is_staff=1, **form_obj.cleaned_data)

            # 创建超级用户
            # UserInfo.objects.create_superuser(email='', **form_obj.cleaned_data)

            return redirect('/login/')

    return render(request, 'reg.html', {'form_obj': form_obj})