auth认证模块
目录
auth认证模块简介
django提供给快速完成用户相关功能的模块
用户相关功能:创建、认证、编辑、拉黑、删除
django配套提供了一张用户表
执行数据库迁移命令之后默认产生的auth_user
django自带的admin后台管理用户登录使用auth_user表
也可以修改配置文件自定义表格
创建admin后台管理员用户:
(1)python3 manage.py createsuperuser
(2)导航栏run点击manage.py task然后根据提示输入createsuperuser
提示:自动对密码进行加密处理并保存
auth模块方法大全
导入auth模块的方法
from django.contrib import auth
一、验证用户名和密码是否正确
关键字:auth.authenticate(username=username, password=password)
class MyLogin(views.View):
def post(self, request):
username = request.POST.get('username')
password = request.POST.get('password')
user_obj = auth.authenticate(username=username, password=password) # 验证用户名和密码是否正确
print(user_obj)
if user_obj:
path = request.GET.get('next')
print(path)
if path:
res = redirect(path)
auth.login(request, user=user_obj)
return res
else:
res = redirect('/home/')
auth.login(request, user=user_obj)
return res
return HttpResponse('<br><br><br><h3 style="text-align:center">用户不存在或者密码错误</h3>')
def get(self, request):
return render(request, 'login.html')
@method_decorator(csrf_exempt, name='post') # 有效
def dispatch(self, request, *args, **kwargs):
return super(MyLogin, self).dispatch(request, *args, **kwargs)
二、保存用户登录状态
关键字:auth.login(request, user=user_obj)
class MyLogin(views.View):
def post(self, request):
username = request.POST.get('username')
password = request.POST.get('password')
user_obj = auth.authenticate(username=username, password=password)
print(user_obj)
if user_obj:
path = request.GET.get('next')
print(path)
if path:
res = redirect(path)
auth.login(request, user=user_obj) # 保存用户登录状态
return res
else:
res = redirect('/home/')
auth.login(request, user=user_obj) # 保存用户登录状态
return res
return HttpResponse('<br><br><br><h3 style="text-align:center">用户不存在或者密码错误</h3>')
def get(self, request):
return render(request, 'login.html')
@method_decorator(csrf_exempt, name='post') # 有效
def dispatch(self, request, *args, **kwargs):
return super(MyLogin, self).dispatch(request, *args, **kwargs)
三、获取当前用户对象
关键字:request.user
@login_required(login_url='/mylogin/')
def music(request):
res = request.user # 获取当前用户对象
print(res)
return HttpResponse('<br><br><br><h2 style="text-align:center">欢迎来到听音乐界面</h2>'
'<br><p style="text-align: center"><a style="text-decoration:none" href="/home/">返回主界面</a></p>')
四、判断当前用户是否登录
关键字:request.user.is_authenticated()
@login_required(login_url='/mylogin/')
def video(request):
is_register = request.user.is_authenticated() # 判断当前用户是否登录
print(is_register)
return HttpResponse('<br><br><br><h2 style="text-align:center">欢迎来到看视频界面</h2>'
'<br><p style="text-align: center"><a style="text-decoration:none" href="/home/">返回主界面</a></p>')
五、校验登录装饰器
需导入模块
from django.contrib.auth.decorators import login_required
局部配置
@login_required(login_url='/mylogin/') # 局部配置
def music(request):
res = request.user
print(res)
return HttpResponse('<br><br><br><h2 style="text-align:center">欢迎来到听音乐界面</h2>'
'<br><p style="text-align: center"><a style="text-decoration:none" href="/home/">返回主界面</a></p>')
全局配置
LOGIN_URL = '/mylogin/' # 需要在配置文件中添加配置
@login_required
def music(request):
res = request.user
print(res)
return HttpResponse('<br><br><br><h2 style="text-align:center">欢迎来到听音乐界面</h2>'
'<br><p style="text-align: center"><a style="text-decoration:none" href="/home/">返回主界面</a></p>')
@login_required
def video(request):
is_register = request.user.is_authenticated()
print(is_register)
return HttpResponse('<br><br><br><h2 style="text-align:center">欢迎来到看视频界面</h2>'
'<br><p style="text-align: center"><a style="text-decoration:none" href="/home/">返回主界面</a></p>')
六、修改密码
关键字:
request.user.check_password()
request.user.set_password()
request.user.save()
@login_required
def edit_password(request):
if request.method == 'POST':
old_password = request.POST.get('old_password')
new_password = request.POST.get('new_password')
confirm_new_password = request.POST.get('confirm_new_password')
is_old_password = request.user.check_password(old_password)
if not new_password == confirm_new_password:
return HttpResponse('<br><br><br><h2 style="text-align:center">两次密码不一致</h2>'
'<br><p style="text-align: center"><a href="/home/">返回主界面</a></p>')
if is_old_password:
request.user.set_password(new_password)
return HttpResponse('<br><br><br><h2 style="text-align:center">密码修改成功</h2>'
'<br><p style="text-align: center"><a href="/home/">返回主界面</a></p>')
return HttpResponse('<br><br><br><h2 style="text-align:center">原密码密码</h2>'
'<br><p style="text-align: center"><a href="/home/">返回主界面</a></p>')
return render(request, 'edit_password.html')
七、注销登录
关键字:
@login_required
def logout(request):
auth.logout(request)
return HttpResponse('<br><br><br><h2 style="text-align:center">退出登陆成功</h2>'
'<br><p style="text-align: center"><a href="/home/">返回主界面</a></p>')
八、注册用户
需导入模块
from django.contrib.auth.models import User
创建超级用户
User.objects.create_superuser()
创建普通用户
class MyRegister(views.View):
def post(self,request):
username = request.POST.get('username')
password = request.POST.get('password')
is_user = models.MyCustomizeUser.objects.filter(username=username).first()
print(is_user)
if is_user:
return HttpResponse('<br><br><br><h2 style="text-align:center">用户名已经存在</h2>'
'<br><p style="text-align: center"><a href="/home/">返回主界面</a></p>')
models.MyCustomizeUser.objects.create_user(username=username, password=password)
return HttpResponse('<br><br><br><h3 style="text-align:center">注册成功</h3>'
'<br><p style="text-align: center"><a href="/home/">返回主界面</a></p>')
def get(self, request):
return render(request, 'MyRegister.html')
auth扩展表字段
from django.contrib.auth.models import AbstractUser
class MyCustomizeUser(AbstractUser):
# 不能AbstractUser类中已有的字段
phone = models.BigIntegerField(null=True)
gender = models.CharField(max_length=32, null=True)
addr = models.CharField(max_length=32, null=True)
# 配置文件中添加
AUTH_USER_MODEL = 'app01.Users'
