话不多说,我们来快速配置一个django的auth模块
auth模块的功能:进行验证登录,注销,更改密码,保存登陆状态,判断登陆状态
命令相关:
1. 创建超级用户 python manage.py createsuperuser 2. 认证 校验用户名和密码 obj = auth.authenticate(request,username,password) 认证成功返回 对象 失败 None 3. 保存登录状态 记录到session login(request, user) 4. 注销 删除session logout(request) 5. 判断登录状态 request.user.is_authenticated() 6. 创建用户 from django.contrib.auth.models import User # 密码是明文的 User.objects.create(username=username,password=password) # 密码是密文的 普通用户 User.objects.create_user(**form_obj.cleaned_data) # 创建超级用户 User.objects.create_superuser(email='',**form_obj.cleaned_data) 7. 密码相关 # 检验密码 request.user.check_password('root1234') # 设置密码 request.user.set_password('admin1234') request.user.save()
补充:django自带的用户字段有时不满足我们的需求,这时候需要我们进行自定义
自定义步骤:
1 在settings.py中声明user表 :AUTH_USER_MODEL = "app01.UserInfo"
2 在models中导入: from django.contrib.auth.models import AbstractUser
3 创建model,只需要声明额外添加的字段:
class UserInfo(AbstractUser): phone = models.CharField(max_length=11)
配置完成:案例
from django.shortcuts import render, redirect
from django.contrib import auth
from django.contrib.auth.decorators import login_required
from app01.forms import RegForm
from django.contrib.auth.models import User,AbstractUser
from app01.models import UserInfo
def login(request):
if request.method == 'POST':
# 方法一
username = request.POST.get('username')
password = request.POST.get('password')
obj = auth.authenticate(request, username=username, password=password)
# 方法二
# request.POST.pop('csrfmiddlewaretoken')
# obj = auth.authenticate(request, **request.POST)
# print(obj)
if obj:
# 记录登录状态
auth.login(request, obj)
next = request.GET.get('next')
if next:
return redirect(next)
return redirect('/index/')
# 返回登录页面
return render(request, 'login.html')
@login_required
def index(request):
# 登录状态
# print(request.user.is_authenticated())
print(request.user.password)
if request.user.check_password('root1234'):
request.user.set_password('admin1234')
request.user.save()
return render(request, 'index.html')
# 注销
def logout(request):
auth.logout(request)
return redirect('/login/')
def reg(request):
form_obj = RegForm()
if request.method == 'POST':
form_obj = RegForm(request.POST)
if form_obj.is_valid():
# 数据库操作
# username = form_obj.cleaned_data.get('username')
# password = form_obj.cleaned_data.get('password')
#
# UserInfo.objects.create(username=username,password=password)
form_obj.cleaned_data.pop('re_password')
UserInfo.objects.create_user(is_staff=1, **form_obj.cleaned_data)
# 创建超级用户
# UserInfo.objects.create_superuser(email='', **form_obj.cleaned_data)
return redirect('/login/')
return render(request, 'reg.html', {'form_obj': form_obj})