利用auth组件进行登录认证过程的说明
官网文档
https://docs.djangoproject.com/en/2.1/ref/contrib/auth/
settings文件的配置
# 扩展Django的user表时需要重载AUTH_USER_MODEL AUTH_USER_MODEL = 'customer.UserInfo' # 认证装饰器默认跳转的地方 LOGIN_URL = '/customer/login/'
models文件中自定义用户类的写法
from django.contrib.auth.models import AbstractUser #CRM系统的用户表——拓展Django的user表 class UserInfo(AbstractUser): # null=True,blank=True~~写在一起,第一个是在数据库中约束的,第二个是在做认证的时候约束的 telephone = models.CharField(max_length=32,null=True,blank=True)
运行数据库同步语句
python manege,py makemigrations
python manage.py migrate
登录页面的写法
{% extends 'base1.html' %} {% block title %}登陆{% endblock title %} {% block main %} <div> {#记得加csrf_token#} {% csrf_token %} <div class="form-group"> <label for="user">用户名</label> <input type="text" id="user" name="username" class="form-control" placeholder="用户名"> <span class="help-block"></span> </div> <div class="form-group"> <label for="pwd">密码</label> <input type="password" id="pwd" name="password" class="form-control" placeholder="密码"> <span class="help-block"></span> </div> <div class="row"> <div class="col-md-6 col-xs-6"> <div class="form-group"> <label for="valid_code">验证码</label> <input type="text" class="form-control" name="valid_code" id="valid_code"> </div> </div> <div class="col-md-6 col-xs-6"> <img id="valid_code_img" src="{% url 'customer:get_valid_img' %}" alt="" style="margin-top: 24px;"> </div> </div> <input type="button" class="btn btn-success btn-block" id="login_btn" value="登陆"> <span class="pull-right"><a href="{% url 'customer:register' %}">没有账户?点我注册</a> </span> <span style="color: red;" class="er"></span> </div> {% endblock main %} {% block script %} <script> // 统一的函数~点击登陆或者键盘敲回车触发这个函数 var func = function(){ //console.log($('#user').val()); //console.log($('#pwd').val()); //console.log($('#valid_code').val()); $.ajax({ url: '{% url "customer:login" %}', type: 'post', data: { //注意这里都要用val()取值! username: $('#user').val(), password: $('#pwd').val(), valid_code:$('#valid_code').val(), csrfmiddlewaretoken: $('input[name="csrfmiddlewaretoken"]').val(), }, success: function (data) { //console.log(data); if(data.code === 1000){ location.href = '{% url "customer:index" %}'; }else{ $('.er').text(data.msg); } } }); }; //点击登陆按钮 $('#login_btn').click(function () { func(); }); //在全局绑定一个敲击回车事件 $(document).keypress(function(e) { // 回车键事件 if(e.which == 13) { func(); } }); //点击图片刷新验证码 $('#valid_code_img').click(function () { $(this)[0].src += '?'; }) </script> {% endblock script %}
视图函数的写法
from django.contrib import auth
#登陆 def login(request): # 定义一个返回给前端的字典 response_msg = {'code': None, 'msg': None} if request.method == 'GET': return render(request, 'login.html')
elif request.method == 'POST': username = request.POST.get('username') password = request.POST.get('password') valid_code = request.POST.get('valid_code') # 1-首先验证随机验证码是否正确 if valid_code.upper() == request.session.get('valid_str').upper(): # 2-验证用户名与密码是否存在 # 用auth的authenticate方法 因为数据库中密码是加密的 user_obj = auth.authenticate(username=username,password=password) if user_obj: # 3-保存session——
# auth.login(request,user_obj)这一步还做了一件事,将当前登陆的用户对象赋值给了request.use:request.user=user_obj auth.login(request,user_obj) # 构建返回的字典 response_msg['code'] = 1000 response_msg['msg'] = '登陆成功!' else: response_msg['code'] = 1001 response_msg['msg'] = '用户名或密码错误!' else: response_msg['code']=1002 response_msg['msg']='验证码输入有误' return JsonResponse(response_msg)
注意,要用认证装饰器的地方,这样写:
from django.contrib.auth.decorators import login_required #index页面——加认证装饰器~~需要在settings文件中加上:LOGIN_URL = '/customer/login/' @login_required def index(request): if request.method == 'GET': return render(request,'index.html') # 注销 @login_required def logout(request): # 注销也是用的auth的方法 auth.logout(request) return redirect('customer:logout')
~~~