一、auth組件介紹
可以實作包括用戶注冊、用戶登錄、用戶認證、注銷、修改密碼等功能,內置了強大的用戶認證系統--auth,它其實就是一個app
二、內置屬性方法
注意:在用屬性方法前,必須進行資料庫遷移,兩條命令
1. authenticate用戶認證
settings.py 基本路徑配置好
urls.py注意每次配好路由
login.html
ps : {% csrf_token %} 用上它不用注釋csrf那個中間件了
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>登錄</title> </head> <body> <form action="" method="post"> {% csrf_token %} <p>用戶名:<input type="text" name="name"></p> <p>密碼:<input type="password" name="password"></p> <p><input type="submit" value="提交"></p> </form> </body> </html>
views.py
from django.shortcuts import render, HttpResponse, redirect #from django.contrib.auth.models import User from django.contrib import auth def login(request): if request.method=='GET': return render(request,'login.html') else: name=request.POST.get('name') password=request.POST.get('password') # 明文 ## 方案行不通,密碼是密文的,永遠匹配不成功 # user=User.objects.filter(username=name,password=password) ## 使用此方案,有兩個注意點 ## 第一個引數必須是request物件 ##必須用username和password不能用其他名,看原始碼 user=auth.authenticate(request,username=name,password=password) if user: return HttpResponse('登錄成功') else: return HttpResponse('用戶名或密碼錯誤')
2.login
# 呼叫auth后,表示用戶登錄了 # 1 存了session # 2 以后所有的視圖函式,都可以使用request.user,它就是當前登錄用戶 auth.login(request,user)
代碼:
urls.py略
order.html 這里只是測驗下
<body> {{ request.user.username }}的訂單頁面,買了好多東西 </body>
index.html
<body> {{ request.user.username }}登錄了 </body>
views.py
from django.shortcuts import render, HttpResponse, redirect from django.contrib.auth.models import User # 不管是否登錄,都能訪問
def index(request):
return render(request, 'index.html')
def order(request):
print(request.user) return render(request, 'order.html') ## 用戶登錄成功后存session from django.contrib import auth def login(request): if request.method=='GET': return render(request,'login.html') else: name=request.POST.get('name') password=request.POST.get('password') # 明文 ## 此方案行不通,密碼是密文的,永遠匹配不成功 # user=User.objects.filter(username=name,password=password) ## 使用此方案 ## 第一個引數必須是request物件 ##username和password user=auth.authenticate(request,username=name,password=password) if user: # 呼叫auth,表示用戶登錄了 # 1 存了session # 2 以后所有的視圖函式,都可以使用request.user auth.login(request,user)
return HttpResponse('登錄成功') else: return HttpResponse('用戶名或密碼錯誤')
3.logout
urls.py略
views.py
def logout(request): # 后續再訪問視圖函式,就沒有當前登錄用戶了request.user(匿名用戶AnonymousUser) auth.logout(request) return redirect('/index/')
oeder.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>訂單頁面</title> </head> <body> {{ request.user.username }}的訂單頁面,買了好多東西 <br> <hr> <a href="/logout/">點我退出</a> </body> </html>
4.is_authenticated
# is_authenticated 回傳True或者False,判斷用戶是否登錄 # 用在視圖中views.py if request.user.is_authenticated: print('用戶登錄了') else: print('用戶沒有登錄,匿名用戶') # 用在模板中index.html {% if request.user.is_authenticated %} {{ request.user.username }} 登錄了 {% else %} <a href=https://www.cnblogs.com/guojieying/p/"/login/">滾去登錄</a> {% endif %}
5.login_requierd
1 它是個裝飾器, 裝飾在視圖函式上,只要沒有登錄,就進不來 # 必須登錄后才能訪問 @login_required(login_url='/login/') #意思是如果沒有登錄就重定向到/login/
代碼:
from django.shortcuts import render, HttpResponse, redirect from django.contrib import auth from django.contrib.auth.decorators import login_required def login(request): if request.method=='GET': return render(request,'login.html') else: name=request.POST.get('name') password=request.POST.get('password') # 明文 ## 方案行不通,密碼是密文的,永遠匹配不成功 # user=User.objects.filter(username=name,password=password) ## 使用此方案 ## 第一個引數必須是request物件 ##username和password user=auth.authenticate(request,username=name,password=password) if user: # 呼叫auth,表示用戶登錄了 # 1 存了session # 2 以后所有的視圖函式,都可以使用request.user auth.login(request,user) url=request.GET.get('next') if url: return redirect(url) else: return redirect('/index/') else: return HttpResponse('用戶名或密碼錯誤') # 必須登錄后才能訪問 @login_required(login_url='/login/') def order(request): print(request.user) # 如何實作的? print(request.user.username) # AnonymousUser if request.user.is_authenticated: print('用戶登錄了') else: print('用戶沒有登錄,匿名用戶') return render(request, 'order.html')
6.create_user
# 使用內置的create_user或者create_superuser方法 superuser權限跟user不同 user=User.objects.create_user(username=name,password=password) # user=User.objects.create_superuser(username=name,password=password)
代碼:
views.py
from django.contrib.auth.models import User def register(request): if request.method == 'GET': return render(request, 'register.html') else: name = request.POST.get('name') password = request.POST.get('password') # 注冊用戶(有問題,密碼是明文) # user=User.objects.create(username=name,password=password) # print(user) # 使用內置的create_user或者create_superuser方法 user = User.objects.create_user(username=name, password=password) # user=User.objects.create_superuser(username=name,password=password) return redirect('/login/')
register.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>注冊</title> </head> <body> <form action="" method="post"> {% csrf_token %} <p>用戶名:<input type="text" name="name"></p> <p>密碼:<input type="password" name="password"></p> <p>確認密碼:<input type="password" name="re_password"></p> <p><input type="submit" value="提交"></p> </form> </body> </html>
7.check_password 校驗密碼
## 有了用戶,校驗密碼是否正確 # 先獲取到用戶物件 user = User.objects.filter(username=name).first() # 判斷密碼是否正確 flag=user.check_password(password)
代碼:
def login(request): if request.method == 'GET': return render(request, 'login.html') else: name = request.POST.get('name') password = request.POST.get('password') # 明文 # 先獲取到用戶物件 user = User.objects.filter(username=name).first() # 判斷密碼是否正確 flag = user.check_password(password) if flag: auth.login(request, user) url = request.GET.get('next') if url: return redirect(url) else: return redirect('/index/') else: return HttpResponse('用戶名或密碼錯誤')
8.set_password 修改密碼
views.py
from django.contrib.auth.models import User
def change_password(request): if request.method == 'GET': return render(request, 'change_pwd.html') else: old_pwd = request.POST.get('old_pwd') new_pwd = request.POST.get('new_pwd') re_new_pwd = request.POST.get('re_new_pwd')#注意要核驗,不然出bug if request.user.check_password(old_pwd): # 密碼正確再修改 request.user.set_password(new_pwd) # 一定要記住保存(****) request.user.save() return redirect('/login/') else: return HttpResponse('原來密碼錯誤')
index.html
<body> {% if request.user.is_authenticated %} {{ request.user.username }} 登錄了 <br> <a href="/change_pwd/">修改密碼</a> {% else %} <a href="/login/">滾去登錄</a> {% endif %} </body>
change_pwd.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>修改密碼</title> </head> <body> <form action="" method="post"> {% csrf_token %} <p>原密碼:<input type="password" name="old_pwd"></p> <p>新密碼:<input type="password" name="new_pwd"></p> <p>確認密碼:<input type="password" name="re_new_pwd"></p> <p><input type="submit" value="提交"></p> </form> </body> </html>
轉載請註明出處,本文鏈接:https://www.uj5u.com/ruanti/192868.html
標籤:架構設計