""" from django.contrib.auth.models import AbstractUser 自定义UserInfo表并且继承AbstractUser 1.验证密码的时候,check_password 会取出数据库中保存的密码 2.调用mycheck_password ==》 password == 用户输入的密码 ; encoded == 数据库中保存的密码 from django.contrib.auth.hashers import check_password 3.默认的 check_password 会将用输入的密码进行一些列的加密,然后在判断是否跟数据库中的密文密码是否一致,如果一致返回True否者False 这里我们重写 让UserInfo去调用我们自己写的mycheck_password,删除加密的过程,直接判断密码是否一致 4.注册的时候设置明文需要重写 set_password 取消加密 """ from django.contrib.auth.models import User # User.objects.create_user() class UserInfo(AbstractUser): company = models.ForeignKey(verbose_name='所属公司', to='Company', on_delete=models.DO_NOTHING) store = models.ManyToManyField(verbose_name='用户关联店铺', to='Store', through='User2Store', through_fields=('userinfo', 'store')) def mycheck_password(self, password, encoded, setter=None, preferred='default'): """ Return a boolean of whether the raw password matches the three part encoded digest. If setter is specified, it'll be called when you need to regenerate the password. """ if password is None: return False if password != encoded: return False # If the hasher didn't change (we don't protect against enumeration if it # does) and the password should get updated, try to close the timing gap # between the work factor of the current encoded password and the default # work factor. if setter: setter(password) return True def check_password(self, raw_password): """ Return a boolean of whether the raw_password was correct. Handles hashing formats behind the scenes. """ def setter(raw_password): self.set_password(raw_password) # Password hash upgrades shouldn't be considered password changes. self._password = None self.save(update_fields=["password"]) return self.mycheck_password(raw_password, self.password, setter) def set_password(self, raw_password): # self.password = make_password(raw_password) self.password = raw_password self._password = raw_password class Meta: db_table = 'user' verbose_name = '用户表' verbose_name_plural = verbose_name def __str__(self): return self.username