Django认证系统之自带auth_user表操作

Django自带auth_user表操作：

views.py

from django.contrib  import  auth#引入auth模块

from django.contrib.auth.models import User # auth应用中引入User类

 

（1）用户注册，添加记录(create_use普通用户，create_superuser超级用户)

# 注册

def register(request):

    if request.method == 'GET':

        register_obj = RegisterForm()

        return render(request, 'register.html', {'register_obj': register_obj})

    elif request.method == 'POST':

        data = request.POST       

        register_obj = RegisterForm(data)

        if register_obj.is_valid():

            user_obj = register_obj.cleaned_data

            print(user_obj)

            username = user_obj.get('name')

            password = user_obj.get('password')

         

#通过auth模块，进行新用户注册，使用User表创建新用户(create_use普通用户，create_superuser超级用户)

            if not User.objects.filter(username=username).exists():

                new_obj = User.objects.create_user(username=username, password=password)

                print(f'新用户{username}注册成功！')

                return redirect('login')

            else:

                register_obj.add_error('name', '用户名已存在！')

                return render(request, 'register.html', {'register_obj': register_obj})

        else:

            return render(request, 'register.html', {'register_obj': register_obj})

(2)登录校验（auth.authenticate(username=username, password=password))）

# 登录

def login(request):

    if request.method == 'GET':

        return render(request, 'login.html')

    elif request.method == 'POST':

       

        username = request.POST.get('username')

        password = request.POST.get('password')

        # 调用auth.authenticate()方法进行登录校验

        user_obj = auth.authenticate(username=username, password=password)

        print(user_obj)

        if user_obj:

#校验成功，调用auth.login（request, user_obj）方法：

①执行和session一样操作（创建随机sessionid;加密添加sesion表；写入cookie）

②自动在request对象添加一个属性user,在后续身份认证直接调用request.user.is_authenticated时自动判断是否登录

            auth.login(request, user_obj)

            return JsonResponse({'status': 1, 'url': reverse('index')})

        else:

            return JsonResponse({'status': 0, 'url': ''})

 （3）访问认证（request.user.is_authenticated）

def index(request):

    if request.user.is_authenticated:#调用request.user的is_authenticated伪方法进行认证

        print(request.user)#request.user就是当前用户对象，打印结果为用户名称

        if request.method == 'GET':

            return render(request, 'index.html')

    else:

        return redirect('login')

 

（4）退出登录（auth.logout(request)）

def logout(request):

    auth.logout(request)#调用 auth.logout(request)方法，类似session的request.session.flush()同时删除session表记录和cookie

    return redirect('login')

 

(5)修改密码（request.user.check_password（），request.user.set_password（），request.user.save()）

def reset_psd(request):

    if request.user.is_authenticated:

        if request.method == 'GET':

            return render(request, 'reset_psd.html')

        elif request.method == 'POST':

            old_password = request.POST.get('old_password')

            new_password = request.POST.get('new_password')

            r_new_password = request.POST.get('r_new_password')

            # ret=request.user.check_password(old_password)

            # print(ret)

            if request.user.check_password(old_password):#调用request.user.check_password(old_password)判断原密码是否正确

                if new_password == r_new_password:

                    request.user.set_password(new_password)#调用request.user.set_password(new_password）设置新密码

                    request.user.save()#调用request.user.save()进行保存更新

                    return JsonResponse({'status': True, 'info': '操作成功！', 'url': reverse('index')})

                else:

                    return JsonResponse({'status': False, 'info': '两次新密码不一致！', 'url': ''})

            else:

                return JsonResponse({'status': False, 'info': '操作失败：原密码输入有误！', 'url': ''})

        return JsonResponse({'status': False, 'info': '操作失败！', 'url': ''})

 

    else:

        return redirect('login')