【Mac系统 + Python + Django】之开发一个发布会系统【Django视图(二)】

这里我们要进行开发一个发布会系统来了解Django框架,来看第二部分Django视图。

 

目录:

 

 

一、登录功能             返回目录 

在上一章,我们已经简单用了html模板,在它基础上继续开发:

1、修改index.html文件为发布会html:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Django Page</title>
</head>
<body>
    <h1>发布会系统</h1>
    <form>
        <input name="username" type="text" placeholder="输入用户名"/>
        <br/>
        <input name="password" type="password" placeholder="输入密码"/>
        <br/>
        <button id="btn" type="submit">登录</button>
        {% csrf_token %}
    </form>
</body>
</html>

 

 

2、GET、POST请求

(1)GET请求

form标签中加入:method="get"

    <form method="get">
        <input name="username" type="text" placeholder="输入用户名"/>
        <br/>
        <input name="password" type="password" placeholder="输入密码"/>
        <br/>
        <button id="btn" type="submit">登录</button>
    </form>

在页面输入用户名密码之后,提交表单,URL地址会添加用户名、密码

(2)POST请求

提交表单后,页面报错:

大概意思是Django对CSRF有保护措施,表单会自动生成令牌,通过令牌判断POST是否来自同一个网站,只需添加令牌即可,form添加{% csrf_token %}#}

    <form method="post">
        <input name="username" type="text" placeholder="输入用户名"/>
        <br/>
        <input name="password" type="password" placeholder="输入密码"/>
        <br/>
        <button id="btn" type="submit">登录</button>
         # 添加令牌
        {% csrf_token %}
    </form>

再次刷新提交,就不报错了。

3、处理登录请求

修改index.html,添加action="/login_action/":

<form method="post" action="/login_action/">

再打开guest/urls.py文件,添加路径:

urlpatterns = [
    ...
    url(r'^login_action/$', views.login_action)
]

再在sign/views.py下添加login_action()函数

def login_action(request):
    if request.method == "POST":
        username = request.POST.get("username","")
        password = request.POST.get("password","")
        if username == "123" and password == "1":
            return HttpResponse("Django good!")
        else:
            return render(request,"index.html",{"error" : "Django login is error!"})

最后再在templates/index.html中添加error错误提示:

    <form method="post" action="/login_action/">
        <input name="username" type="text" placeholder="输入用户名"/>
        <br/>
        <input name="password" type="password" placeholder="输入密码"/>
        <br/>
        <button id="btn" type="submit">登录</button>
        <br/>
     # 提示信息 {{ error }} {% csrf_token %} </form>

{ { error } }:对应render返回字典中的key。

如果用户名密码正确则:

否则的话,提示报错信息:

4、登陆成功页面

但是,不能只是通过文字展示登录成功信息,必须需要替换为登录成功页面。

添加templates/enent_manage.html文件:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Event Manage</title>
</head>
<body>
    <h1>Login success!</h1>
</body>
</html>

修改sign/views.py

def login_action(request):
    if request.method == "POST":
     # "username"和"password"为name属性值,很重要 username
= request.POST.get("username","") password = request.POST.get("password","") if username == "123" and password == "1": # HttpResponseRedirect:这个类可以重定向指定页面 return HttpResponseRedirect("/event_manage/") else: return render(request,"index.html",{"error" : "Django login is error!"})
# 登陆成功页面
def event_action(request): return render(request,"event_manage.html")

修改guest/urls.py:

urlpatterns = [
    ...
    url(r'^event_manage/$', views.event_action),
]

再进行登录:

 

 

二、Cookie和Session           返回目录

1、Cookie的使用

首先修改sign/views.py:

def login_action(request):
    if request.method == "POST":
        username = request.POST.get("username","")
        password = request.POST.get("password","")
        if username == "123" and password == "1":
            # 添加浏览器cookie
            response = HttpResponseRedirect("/event_manage/")
            # "user":cookie名;username获取登录用户名;3600cookie再浏览器保持时间
            response.set_cookie("user",username,3600)
            return response
        else:
            return render(request,"index.html",{"error" : "Django login is error!"})


def event_action(request):
    # "user":读取cookie名
    username = request.COOKIES.get("user","")
    return render(request,"event_manage.html",{"cookie":username})

 

修改templates/event_manage.html:

    <div style="float: left">
        <a>欢迎{{ username }}到来!</a>
    </div>

页面登录成功后:

通过谷歌浏览器查看Cookie信息:

2、Session的使用

但是考虑到安全问题,还是Session靠谱。

修改sign/views.py:

def login_action(request):
    if request.method == "POST":
        username = request.POST.get("username","")
        password = request.POST.get("password","")
        if username == "123" and password == "1":
            # HttpResponseRedirect:这个类可以重定向指定页面
            response = HttpResponseRedirect("/event_manage/")
            # "user":cookie名;username获取登录用户名;3600cookie再浏览器保持时间
            # response.set_cookie("user",username,3600)   # 添加浏览器cookie
            request.session["user"] = username # 将session信息记录到浏览器中
            return response
        else:
            return render(request,"index.html",{"error" : "Django login is error!"})


def event_action(request):
    # username = request.COOKIES.get("user","") # "user":读取cookie名
    username = request.session.get("user","")   #读取浏览器session
    return render(request,"event_manage.html",{"username":username})

 

进行登录操作,但是报错:

提示:no such table: django_session,是因为session必须要有存储的地方才可以,我们需要创建django_session

再项目guest下,输入命令行:

# 输入命令
python manage.py migrate


Operations to perform:
Apply all migrations: admin, auth, contenttypes, sessions
Running migrations:
Applying contenttypes.0001_initial... OK
Applying auth.0001_initial... OK
Applying admin.0001_initial... OK
Applying admin.0002_logentry_remove_auto_add... OK
Applying contenttypes.0002_remove_content_type_name... OK
Applying auth.0002_alter_permission_name_max_length... OK
Applying auth.0003_alter_user_email_max_length... OK
Applying auth.0004_alter_user_username_opts... OK
Applying auth.0005_alter_user_last_login_null... OK
Applying auth.0006_require_contenttypes_0002... OK
Applying auth.0007_alter_validators_add_error_messages... OK
Applying auth.0008_alter_user_username_max_length... OK
Applying sessions.0001_initial... OK

 再进行登录,并查看session信息。

三、Django认证系统             返回目录

 1、登录Admin后台

首先需要创建管理员账号,再终端输入:

test:guest zhan$ python manage.py createsuperuser
Username (leave blank to use 'zhan'): admin                 # 输入用户名
Email address: xxx@xxx.com                              # 输入邮箱
Password:                                     # 输入密码
Password (again):                                # 再次输入密码
This password is too short. It must contain at least 8 characters.  # 密码太短,并且不到8位
This password is too common.                         # 密码太简单
This password is entirely numeric.                     # 密码是数字
Password: 
Password (again): 
Error: Your passwords didn't match.                     # 密码不匹配
Password: 
Password (again): 
Superuser created successfully.
test:guest zhan$ 

 

登录网址:http://127.0.0.1:8000/admin/

输入用户名密码后登录:

2、引用Django认证登录

修改sign/views.py

def login_action(request):
    if request.method == "POST":
        username = request.POST.get("username","")
        password = request.POST.get("password","")
        # authenticate()函数接受用户名密码两个参数,并判断如果窜在返回user,不存在返回None
        user = auth.authenticate(username=username,password=password)
        if user != None:
            auth.login(request,user)    # 登录
            # HttpResponseRedirect:这个类可以重定向指定页面
            response = HttpResponseRedirect("/event_manage/")
            request.session["user"] = username  # 将session信息记录到浏览器中
            return response
        else:
            return render(request,"index.html",{"error" : "Django login is error!"})

修改完成之后,通过跟后台系统用户名密码相关联,进行验证登录。

3、关上窗户

为什么要单独讲这一节呢,因为有一个现象时,直接登录成功页面:http://127.0.0.1:8000/event_manage/,发现直接就可以登录成功,但是这个往往是不行的,应该必须通过登录操作才可以进入登陆成功页面,所以我们只需要简单加个东西就好了。

修改sign/views.py:

from django.contrib.auth.decorators import login_required

......

# 限制
@login_required
def event_action(request):
    username = request.session.get("user","")   #读取浏览器session
    return render(request,"event_manage.html",{"username":username})

只需要加入@login_required,即可。

注意:需要清理缓存。

 

但是,地址指向让它指向登录页面就更好啦。

修改guest/urls.py,增加新的路径:

urlpatterns = [
   ......
    url(r'^$', views.index),        # 8080地址也可以访问登录页面
    ......
    url(r'^accounts/login/$', views.index),         # 访问登陆成功页面,自动跳转登录页面
]

此时访问:

http://127.0.0.1:8000/

http://127.0.0.1:8000/index/

http://127.0.0.1:8000/event_manage/

都可以访问登录页面。

 

 

本部分完结, 下一章将会介绍Django模型(三),操作数据库的。

 

 

posted @ 2018-10-12 14:49  Owen_ET  阅读(710)  评论(2编辑  收藏  举报