当前位置 : 主页 > 编程语言 > python >

Auth用户认证组件

来源:互联网 收集:自由互联 发布时间:2022-06-15
用户认证组件: 功能:用session记录登录验证状态 前提:用户表:django自带的auth-user python3 manage.py createsuperuser #创建超级用户 补充匿名用户: API: from django.contrib import auth : 1. #if 验证成功

用户认证组件:

  功能:用session记录登录验证状态

  前提:用户表:django自带的auth-user

python3 manage.py createsuperuser #创建超级用户

 补充匿名用户:

API:
from django.contrib import auth :
1. #if 验证成功返回user对象,否则返回None
user = auth.authenticate(username=user,password=pwd)
2. auth.login(request,user) #request.user 当前登录对象
3. auth.login(request)
from django.contrib.auth.models import User #User == auth_user
4. request.user.is_authenticated
5.user = User.objects.create_user(username='',password='',email='')

补充:
匿名用户对象:
匿名用户
class models.AnonymousUser

django.contrib.auth.models.AnonymousUser #这个类实现了django.contrib.auth.models.User
借口,但是又几点不同:
id永远是None
username永远为空字符串
get_username()永远返回空字符串
is_staff和is_superuser永远是False
is_active永远是False
groups和user_permissions永远为空
is_annonymous()返回True 而不是False
is_authenticated()返回时False,而不是True
set_password()、check_password()、save()和delete()引发NotImplementedError。
New in Django 1.8:
新增 AnonymouseUser.get_username()以更好的模拟django.contrib.auth.moudels.User
总结:
  if not :auth.login(request,user)  request.user = AnonymousUser()
  else:request.user==登录对象
  request.user是一个全局变量

 views.py

Auth用户认证组件_pythonAuth用户认证组件_#if_02

from django.shortcuts import render, redirect

# Create your views here.

from django.contrib import auth
from django.contrib.auth.models import User
from django.contrib.auth.decorators import login_required


def login(request):
if request.method == 'POST':
# 取得账号密码,验证用户对象
user = request.POST.get("user")
pwd = request.POST.get("pwd")
# if验证成功返回user对象,否则返回NONE
user = auth.authenticate(username=user, password=pwd)
if user:
auth.login(request, user) # request.user:当前登录对象
next_url = request.GET.get("next", "/index/")
return redirect(next_url)
return render(request, "login.html")


# 登录验证装饰器
@login_required
def index(request):
# 打印匿名用户信息
# print("request.user:",request.user.username)
# print("request.user:",request.user.id)
# print("request.user:",request.user.is_anonymous)
#
# #if request.user.is_anonymous:
# if not request.user.is_authenticated:
# return redirect("/login/")

username = request.user.username
return render(request, "index.html", {"username": username})
# return render(request,"index.html")


@login_required
def order(request):
if not request.user.is_authenticated:
return render(request, "order.html")
return render(request,"order.html")


# 注销登录
def logout(request):
auth.logout(request)
return redirect("/login/")


# 注册页面
def reg(request):
# 取得注册信息
if request.method == "POST":
user = request.POST.get("user")
pwd = request.POST.get("pwd")
# 这种是不对的
# User.objects.create(username=user,password=pwd)
user = User.objects.create_user(username=user, password=pwd)
return redirect("/login/")
return render(request, "reg.html")

views.py

 settings.py

Auth用户认证组件_pythonAuth用户认证组件_#if_02

# LANGUAGE_CODE = 'en-us'
LANGUAGE_CODE = 'zh-Hans'

# TIME_ZONE = 'UTC'
TIME_ZONE = 'Asia/Shanghai'

USE_I18N = True

USE_L10N = True

USE_TZ = True
# USE_TZ = False


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.0/howto/static-files/

STATIC_URL = '/static/'

LOGIN_URL = "/login/"

settings.py

urls.py

Auth用户认证组件_pythonAuth用户认证组件_#if_02

from django.contrib import admin
from django.urls import path

from blog import views

urlpatterns = [
path('admin/', admin.site.urls),
path('login/', views.login),
path('index/', views.index),
path('order/', views.order),
path('logout/', views.logout),
path('reg/', views.reg),

]

urls.py


努力成为一个开发者 个人站点:www.pythonav.cn




上一篇:Django组件-分页器
下一篇:没有了
网友评论