day3 crm客户管理之初始化用户权限
用户登录时,就可以根据自己的【用户】找到所有的角色,再根据角色找到所有的权限,再将权限信息放入session
目录结构:
路由设置
web/urls.py
from django.conf.urls import url
from web.views import account
urlpatterns = [
url(r'^login/$',account.login)
]
luffy_permission_simon/urls.py
from django.contrib import admin
from django.conf.urls import include,url
urlpatterns = [
url('^admin/', admin.site.urls),
url('^', include('web.urls'))
]
用户登录视图放在web/views/account.py
# -*- encoding: utf-8 -*-
"""
@File : account.py
@Time : 2021-12-15 22:04
@Author : tangsai
@Email : 294168604@qq.com
@Software: PyCharm
"""
from django.shortcuts import HttpResponse, render, redirect
from rbac import models
def login(request):
# 1. 用户登录
if request.method == 'GET':
return render(request, 'login.html')
user = request.POST.get('user')
pwd = request.POST.get('pwd')
current_user = models.UserInfo.objects.filter(name=user, password=pwd).first()
if not current_user:
return render(request, 'login.html', {'msg': '用户名或密码错误'})
# 2. 权限信息初始化
# 根据当前用户信息获取此用户所拥有的所有权限,并放入session。
# 当前用户所有权限
permission_queryset = current_user.roles.filter(permissions__isnull=False).values("permissions__id",
"permissions__url").distinct()
# 获取权限中所有的URL
# permission_list = []
# for item in permission_queryset:
# permission_list.append(item['permissions__url'])
permission_list = [item['permissions__url'] for item in permission_queryset]
# for item in permission_list:
# print(item)
# request.session[settings.PERMISSION_SESSION_KEY] = permission_list
request.session['luffy_permission_url_list_key'] = permission_list
return redirect('/customer/list/')
模板
login.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<h1>用户登录</h1>
<form method="post">
{% csrf_token %}
<input type="text" name="user" placeholder="请输入用户名">
<input type="password" name="pwd" placeholder="请输入密码">
<input type="submit" value="提交"><span style="color: red">{{ msg }}</span>
</form>
</body>
</html>
