话不多说,我们来快速配置一个django的auth模块
auth模块的功能:进行验证登录,注销,更改密码,保存登陆状态,判断登陆状态
命令相关:
1. 创建超级用户 python manage.py createsuperuser 2. 认证 校验用户名和密码 obj = auth.authenticate(request,username,password) 认证成功返回 对象 失败 None 3. 保存登录状态 记录到session login(request, user) 4. 注销 删除session logout(request) 5. 判断登录状态 request.user.is_authenticated() 6. 创建用户 from django.contrib.auth.models import User # 密码是明文的 User.objects.create(username=username,password=password) # 密码是密文的 普通用户 User.objects.create_user(**form_obj.cleaned_data) # 创建超级用户 User.objects.create_superuser(email='',**form_obj.cleaned_data) 7. 密码相关 # 检验密码 request.user.check_password('root1234') # 设置密码 request.user.set_password('admin1234') request.user.save()
补充:django自带的用户字段有时不满足我们的需求,这时候需要我们进行自定义
自定义步骤:
1 在settings.py中声明user表 :AUTH_USER_MODEL = "app01.UserInfo"
2 在models中导入: from django.contrib.auth.models import AbstractUser
3 创建model,只需要声明额外添加的字段:
class UserInfo(AbstractUser): phone = models.CharField(max_length=11)
配置完成:案例
from django.shortcuts import render, redirect from django.contrib import auth from django.contrib.auth.decorators import login_required from app01.forms import RegForm from django.contrib.auth.models import User,AbstractUser from app01.models import UserInfo def login(request): if request.method == 'POST': # 方法一 username = request.POST.get('username') password = request.POST.get('password') obj = auth.authenticate(request, username=username, password=password) # 方法二 # request.POST.pop('csrfmiddlewaretoken') # obj = auth.authenticate(request, **request.POST) # print(obj) if obj: # 记录登录状态 auth.login(request, obj) next = request.GET.get('next') if next: return redirect(next) return redirect('/index/') # 返回登录页面 return render(request, 'login.html') @login_required def index(request): # 登录状态 # print(request.user.is_authenticated()) print(request.user.password) if request.user.check_password('root1234'): request.user.set_password('admin1234') request.user.save() return render(request, 'index.html') # 注销 def logout(request): auth.logout(request) return redirect('/login/') def reg(request): form_obj = RegForm() if request.method == 'POST': form_obj = RegForm(request.POST) if form_obj.is_valid(): # 数据库操作 # username = form_obj.cleaned_data.get('username') # password = form_obj.cleaned_data.get('password') # # UserInfo.objects.create(username=username,password=password) form_obj.cleaned_data.pop('re_password') UserInfo.objects.create_user(is_staff=1, **form_obj.cleaned_data) # 创建超级用户 # UserInfo.objects.create_superuser(email='', **form_obj.cleaned_data) return redirect('/login/') return render(request, 'reg.html', {'form_obj': form_obj})