用户认证组件:
功能:用session记录登录验证状态;
前提:用户表,django自带的auth_user
创建超级用户:python manage.py createsuperuser kris的密码是abc123456
基于用户认证组件的登录验证信息储存
views.py
from django.shortcuts import render, HttpResponse, redirect
# Create your views here.
from django.contrib import auth
#from django.contrib.auth.models import User #自己找到那个接口做校验
def login(request):
if request.method =="POST":
user = request.POST.get("user")
pwd = request.POST.get("pwd")
#if 验证成功返回user对象,否则返回None
user = auth.authenticate(username=user,password=pwd)
if user:
auth.login(request,user) #request.user:当前登录对象
return redirect("/index/")
return render(request, "login.html")
def index(request):
print("request.user:", request.user.username)
print("request.user:", request.user.id)
print("request.user:", request.user.is_anonymous)
if request.user.is_anonymous:
return redirect("/login/")
#username = request.user.username
#return render(request, "index.html",{"username":username})
return render(request, "index.html")
login.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form action="" method="post">
{% csrf_token %}
用户名<input type="text" name="user">
密码<input type="text" name="pwd">
<input type="submit" value="submit">
</form>
</body>
</html>
index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
{#<h3> Hello {{ username }}</h3> 可以不给它传值,request.user为全局#}
<h3>Hello {{ request.user.username }}</h3>
</body>
</html>
创建用户kris 和 alex
C:\Users\Administrator\PycharmProjects\authDemo>python manage.py createsuperuser Username (leave blank to use ‘administrator‘): alex Email address: Password:alex1234 Password (again):alex1234 Superuser created successfully.
更新的时候它不像之前那样子,它把session_key 和session_data数据都更新了,之前都是只更新session_data,现在逻辑跟严谨了。
注册/注销用户功能
views.py
def logout(request):
auth.logout(request)
return redirect("/login/")
def reg(request):
if request.method=="POST":
user = request.POST.get("user")
pwd = request.POST.get("pwd")
user = User.objects.create_user(username=user,password=pwd)
return redirect("/login/")
return render(request,"reg.html")
reg.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<h3>注册</h3>
<form action="" method="post">
{% csrf_token %}
用户名<input type="text" name="user">
密码<input type="text" name="pwd">
<input type="submit" value="submit">
</form>
</body>
</html>
用户认证组件:
功能:用session记录登录验证状态;
前提:用户表,django自带的auth_user
创建超级用户:python manage.py createsuperuser kris的密码是abc123456
API
from django.contrib import auth
1 if 验证成功返回user对象,否则返回None
user = auth.authenticate(username=user,password=pwd)
2 auth.login(request,user) #request.user:当前登录对象
3 auth.logout(request)
from django.contrib.auth.models import User #User==auth_user
4 request.user.is_authenticated:
5 user=User.objects.create_user(username=‘‘,password=‘‘,email=‘‘)
补充:
匿名用户对象
匿名用户
class models.AnonymousUser
django.contrib.auth.models.AnonymousUser 类实现了django.contrib.auth.models.User 接口,但具有下面几个不同点:
id 永远为None。
username 永远为空字符串。
get_username() 永远返回空字符串。
is_staff 和 is_superuser 永远为False。
is_active 永远为 False。
groups 和 user_permissions 永远为空。
is_anonymous() 返回True 而不是False。
is_authenticated() 返回False 而不是True。
set_password()、check_password()、save() 和delete() 引发 NotImplementedError。
New in Django 1.8:
新增 AnonymousUser.get_username() 以更好地模拟 django.contrib.auth.models.User。
总结:
if not:auth.login(request,user) request.user == AnonymousUser()
else:request.user==登录对象
request.user是一个全局变量
在任何视图和模板中直接使用
原文地址:https://www.cnblogs.com/shengyang17/p/9134765.html
时间: 2024-11-07 13:41:38