利用auth组件进行登录认证过程的说明
官网文档
https://docs.djangoproject.com/en/2.1/ref/contrib/auth/
settings文件的配置
# 扩展Django的user表时需要重载AUTH_USER_MODEL AUTH_USER_MODEL = 'customer.UserInfo' # 认证装饰器默认跳转的地方 LOGIN_URL = '/customer/login/'
models文件中自定义用户类的写法
from django.contrib.auth.models import AbstractUser #CRM系统的用户表——拓展Django的user表 class UserInfo(AbstractUser): # null=True,blank=True~~写在一起,第一个是在数据库中约束的,第二个是在做认证的时候约束的 telephone = models.CharField(max_length=32,null=True,blank=True)
运行数据库同步语句
python manege,py makemigrations
python manage.py migrate
登录页面的写法
{% extends 'base1.html' %}
{% block title %}登陆{% endblock title %}
{% block main %}
<div>
{#记得加csrf_token#}
{% csrf_token %}
<div class="form-group">
<label for="user">用户名</label>
<input type="text" id="user" name="username" class="form-control" placeholder="用户名">
<span class="help-block"></span>
</div>
<div class="form-group">
<label for="pwd">密码</label>
<input type="password" id="pwd" name="password" class="form-control" placeholder="密码">
<span class="help-block"></span>
</div>
<div class="row">
<div class="col-md-6 col-xs-6">
<div class="form-group">
<label for="valid_code">验证码</label>
<input type="text" class="form-control" name="valid_code" id="valid_code">
</div>
</div>
<div class="col-md-6 col-xs-6">
<img id="valid_code_img" src="{% url 'customer:get_valid_img' %}" alt="" style="margin-top: 24px;">
</div>
</div>
<input type="button" class="btn btn-success btn-block" id="login_btn" value="登陆">
<span class="pull-right"><a href="{% url 'customer:register' %}">没有账户?点我注册</a> </span>
<span style="color: red;" class="er"></span>
</div>
{% endblock main %}
{% block script %}
<script>
// 统一的函数~点击登陆或者键盘敲回车触发这个函数
var func = function(){
//console.log($('#user').val());
//console.log($('#pwd').val());
//console.log($('#valid_code').val());
$.ajax({
url: '{% url "customer:login" %}',
type: 'post',
data: {
//注意这里都要用val()取值!
username: $('#user').val(),
password: $('#pwd').val(),
valid_code:$('#valid_code').val(),
csrfmiddlewaretoken: $('input[name="csrfmiddlewaretoken"]').val(),
},
success: function (data) {
//console.log(data);
if(data.code === 1000){
location.href = '{% url "customer:index" %}';
}else{
$('.er').text(data.msg);
}
}
});
};
//点击登陆按钮
$('#login_btn').click(function () {
func();
});
//在全局绑定一个敲击回车事件
$(document).keypress(function(e) {
// 回车键事件
if(e.which == 13) {
func();
}
});
//点击图片刷新验证码
$('#valid_code_img').click(function () {
$(this)[0].src += '?';
})
</script>
{% endblock script %}
视图函数的写法
from django.contrib import auth
#登陆 def login(request): # 定义一个返回给前端的字典 response_msg = {'code': None, 'msg': None} if request.method == 'GET': return render(request, 'login.html')
elif request.method == 'POST': username = request.POST.get('username') password = request.POST.get('password') valid_code = request.POST.get('valid_code') # 1-首先验证随机验证码是否正确 if valid_code.upper() == request.session.get('valid_str').upper(): # 2-验证用户名与密码是否存在 # 用auth的authenticate方法 因为数据库中密码是加密的 user_obj = auth.authenticate(username=username,password=password) if user_obj: # 3-保存session——
# auth.login(request,user_obj)这一步还做了一件事,将当前登陆的用户对象赋值给了request.use:request.user=user_obj auth.login(request,user_obj) # 构建返回的字典 response_msg['code'] = 1000 response_msg['msg'] = '登陆成功!' else: response_msg['code'] = 1001 response_msg['msg'] = '用户名或密码错误!' else: response_msg['code']=1002 response_msg['msg']='验证码输入有误' return JsonResponse(response_msg)
注意,要用认证装饰器的地方,这样写:
from django.contrib.auth.decorators import login_required #index页面——加认证装饰器~~需要在settings文件中加上:LOGIN_URL = '/customer/login/' @login_required def index(request): if request.method == 'GET': return render(request,'index.html') # 注销 @login_required def logout(request): # 注销也是用的auth的方法 auth.logout(request) return redirect('customer:logout')
~~~
