Django的内置登录、退出、修改密码方法
Django中内置的登录、退出、修改密码方法。
1、url.py中使用django.contrib.auth中的views函数,django.views.generic中的TemplateView函数,Django==2.04下测试成功。Django2.1的内置方法不同。contrib.auth.views 模块下所有的 函数视图(FBV)被移除,使用相应的 类视图(CBV),
from django.contrib import admin from django.urls import path from django.conf.urls import url,include from app import views from django.conf.urls import url,include from django.contrib.auth import views as auth_views #使用默认的视图函数来实现loginlogout from django.views.generic import TemplateView urlpatterns = [ url('admin/', admin.site.urls), url('login/$', auth_views.login, {"template_name": "registration/login.html"}, name="user_login"), # 内置login方法,定制页面,需设定settings中的LOGIN_REDIRECT_URL = ‘/home’默认页面 url('logout/$', auth_views.logout, {"template_name": "registration/logout.html"}, name="user_logout"),# 内置logout方法,定制页面 url(r'^password-change/$', auth_views.password_change,{'post_change_redirect': '/password-change-done'}, name="password_change"), #html页面默认在registration内,修改了页面 url(r'^password-change-done/$', auth_views.password_change_done, name="password_change_done"), url(r'home/',TemplateView.as_view(template_name="home.html"),name='home'),#默认的登录页面 url(r'^$',TemplateView.as_view(template_name="home.html"),name='home'), ]
Django2.1的内置方法不同。contrib.auth.views 模块下所有的 函数视图(FBV)被移除,使用相应的 类视图(CBV),登录、退出、修改密码方法修改为:
# from django.conf.urls import url from django.urls import path, re_path from . import views from django.contrib.auth import views as auth_views urlpatterns = [ path('login/', auth_views.LoginView.as_view(template_name="account/login.html"), name="user_login"), path('logout', auth_views.LogoutView.as_view(template_name="account/logout.html"), name="user_logout"), path('register/', views.user_register, name="user_register"), path('password-change/', auth_views.PasswordChangeView.as_view(template_name="account/password_change_form.html", success_url="/account/password-change-done/"),name='password_change'), path('password-change-done/', auth_views.PasswordChangeDoneView.as_view(template_name=
"account/password_change_done.html"),name='password_change-done'), ]
2、登录页面、退出页面
可以使用默认的登录退出页面,但一般需要自己定制页面,实现功能的跳转。注意html文件存放在..\templates\registration下,也可通过‘’template_name”设定在其他位置。
login.html
{% extends "base.html" %} {% load staticfiles %} {% block title %}Login {% endblock %} {% block content %} <div class="row text-center vertical-middle-sm"> <h1>Login</h1> <p>Input your username and password</p> <form class="form-horizontal" action="{% url 'user_login' %}" method="post" >{% csrf_token %} <!-- {{ form.as_p }} --> <div class="form-group"> <label for="{{ form.username.id_for_label }}" class="col-md-5 control-label" style="color:red"><span class="glyphicon glyphicon-user"></span>Username</label> <div class="col-md-6 text-left">{{ form.username }}</div> </div> <div class="form-group"> <label for="{{ form.password.id_for_label }}" class="col-md-5 control-label" style="color:blue"><span class="glyphicon-floppy-open"></span>Password</label> <div class="col-md-6 text-left">{{ form.password }}</div> </div> <input type="submit" class="btn btn-primary btn-lg" value="Login"> </form> </div> {% endblock %}
logout.html
{% extends "base.html" %} {% block title %}Logout{% endblock %} {% block content %} <div class="row text-center vertical-middle-sm"> <p>You have log out!</p> <p>You can <a href="{% url 'user_login' %}"><strong>Login </strong> </a> again</p> </div> {% endblock %}
3.密码修改页面,注意html文件存放在..\templates\registration下,也可通过‘’template_name”设定在其他位置,必需设定'post_change_redirect': '/password-change-done'
-
password_change_form.html
{% block content %}
<div class="row text-center vertical-middle-sm">
<h1>Change Password </h1>
<p>Please enter your old password,fow security's sake,an then enter your new password twice so wn can verify ou typed it in correctly.</p>
{% if form.new_password1.help_text %}
<div class="text-left" style="margin-left: 400px">
<p>{{ form.new_password1.help_text|safe }}</p>
</div>
{% endif %}
<form class="form-horizontal" action="." method="post">{% csrf_token %}
<div class="form-group">
<label class="col-md-5 control-label text-right">
{{ form.old_password.label_tag }}
</label>
<div class="col-md-6 text-left">{{ form.old_password }}</div>
</div>
<div class="form-group">
<label class="col-md-5 control-label text-right">
{{ form.new_password1.label_tag }}
</label>
<div class="col-md-6 text-left">{{ form.new_password1 }}</div>
</div>
<div class="form-group">
<label class="col-md-5 control-label text-right">
{{ form.new_password2.label_tag }}
</label>
<div class="col-md-6 text-left">{{ form.new_password2 }}</div>
</div>
<input type="submit" value="Change my password" class="btn btn-primary btn-lg">
</form>
</div>
{% endblock %}
- password_change_done.html
{% extends "base.html" %}
{% block title %}password change done{% endblock %}
{% block content %}
<div class="row text-center vertical-middle-sm">
<P>Your password was changed.</P>
</div>
{% endblock %}
4.注意事项
- 使用django auth进行登录,当验证登陆成功后,页面会自动跳转到/account/profile,报找不到页面的错误,需要在project的setting.py中设定
LOGIN_REDIRECT_URL = ‘/home’,指定登陆成功后跳转的页面。
-
9、清理session数据,自此django的认证登陆登出功能完成,但是此处有个问题,就是当用户在手动关闭浏览器的时候,session数据不会自动失效,数据库的session数据也不会自动删除,所以需要在setting.py中加一些配置,然后写一个定时清理该表过期session数据的脚本
SESSION_COOKIE_AGE = 60*30#设置session过期时间为30分钟 SESSION_EXPIRE_AT_BROWSER_CLOSE = True #当浏览器被关闭的时候将session失效,但是不能删除数据库的session数据 SESSION_SAVE_EVERY_REQUEST = True #每次请求都要保存一下session
