Django最方便的一点可以说就是自带的用户系统了,不过某些情况下自带的用户系统不太符合项目需求,比如你想添加几个字段怎么办?当然可以使用自定Model然后外键关联User类来实现,不过一方面关联查询的效率比直接查询效率要低,另一方面想删除系统自带用户系统的某些字段怎么办呢?
所以,自定义用户模型可以说是一种很常见的需求。这里以Django1.9为例,记录一下自定义用户模型的方法。
首先新建一个APP,我这里叫做’accounts’,为了简单起见,我只定义一个包含用户名、密码、手机号、是否有效、是否是管理员的类。编写models.py文件:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 |
# coding=utf-8 from __future__ import unicode_literals from django.db import models from django.contrib.auth.models import ( BaseUserManager, AbstractBaseUser ) class MyUserManager(BaseUserManager): def create_user(self, username, password=None): """ Creates and saves a User with the given username and password. """ if not username: raise ValueError('Users must have an username') user = self.model( username=username, ) user.set_password(password) user.save(using=self._db) return user def create_superuser(self, username, password): """ Creates and saves a superuser with the given username and password. """ user = self.create_user( username, password=password, ) user.is_admin = True user.save(using=self._db) return user class MyUser(AbstractBaseUser): username = models.CharField('username',max_length=11,unique=True) phone = models.CharField('phone',blank=True,max_length=11) is_active = models.BooleanField(default=True) is_admin = models.BooleanField(default=False) objects = MyUserManager() USERNAME_FIELD = 'username' # REQUIRED_FIELDS = ['xxx'] def get_full_name(self): # The user is identified by their username return self.username def get_short_name(self): # The user is identified by their username return self.username def __unicode__(self): return self.username def has_perm(self, perm, obj=None): "Does the user have a specific permission?" # Simplest possible answer: Yes, always return True def has_module_perms(self, app_label): "Does the user have permissions to view the app `app_label`?" # Simplest possible answer: Yes, always return True def is_staff(self): "Is the user a member of staff?" # Simplest possible answer: All admins are staff return self.is_admin |
由于不想要自带的某些字段,比如email、firstname一类的,所以继承了AbstractBaseUser,这个类只提供了password、last_login这几个基本属性。USERNAME_FIELD定义了登录的用户名是哪个,REQUIRED_FIELDS则定义了哪些是必填字段,后面的3个方法都和权限相关,为了简单这里都返回True,实际情况需要根据需求进行修改。
接下来修改admin.py,否则在管理界面是看不到自定义用户模型的:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 |
from django import forms from django.contrib import admin from django.contrib.auth.models import Group from django.contrib.auth.admin import UserAdmin as BaseUserAdmin from django.contrib.auth.forms import ReadOnlyPasswordHashField from accounts.models import MyUser class UserCreationForm(forms.ModelForm): """A form for creating new users. Includes all the required fields, plus a repeated password.""" password1 = forms.CharField(label='Password', widget=forms.PasswordInput) password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput) class Meta: model = MyUser fields = ('username','phone') def clean_password2(self): # Check that the two password entries match password1 = self.cleaned_data.get("password1") password2 = self.cleaned_data.get("password2") if password1 and password2 and password1 != password2: raise forms.ValidationError("Passwords don't match") return password2 def save(self, commit=True): # Save the provided password in hashed format user = super(UserCreationForm, self).save(commit=False) user.set_password(self.cleaned_data["password1"]) if commit: user.save() return user class UserChangeForm(forms.ModelForm): """A form for updating users. Includes all the fields on the user, but replaces the password field with admin's password hash display field. """ password = ReadOnlyPasswordHashField() class Meta: model = MyUser fields = ('username', 'password','phone', 'is_active', 'is_admin') def clean_password(self): # Regardless of what the user provides, return the initial value. # This is done here, rather than on the field, because the # field does not have access to the initial value return self.initial["password"] class UserAdmin(BaseUserAdmin): # The forms to add and change user instances form = UserChangeForm add_form = UserCreationForm # The fields to be used in displaying the User model. # These override the definitions on the base UserAdmin # that reference specific fields on auth.User. list_display = ('username','jy_partner', 'is_admin') list_filter = ('is_admin',) fieldsets = ( (None, {'fields': ('username', 'password')}), ('Personal info', {'fields': ('phone',)}), ('Permissions', {'fields': ('is_admin',)}), ) # add_fieldsets is not a standard ModelAdmin attribute. UserAdmin # overrides get_fieldsets to use this attribute when creating a user. add_fieldsets = ( (None, { 'classes': ('wide',), 'fields': ('username', 'phone', 'password1', 'password2')} ), ) search_fields = ('username',) ordering = ('username',) filter_horizontal = () # Now register the new UserAdmin... admin.site.register(MyUser, UserAdmin) # ... and, since we're not using Django's built-in permissions, # unregister the Group model from admin. admin.site.unregister(Group) |
这里我们定义了2个Form用于创建、修改用户时使用,然后把我们自定义的用户模型注册到管理页面中,由于我们使用自定义用户模型所以无法使用Django自带的权限系统,注意最后一句把组功能在管理后台移除。
关于权限部分可以看官网文档。
如此自定义模型后,登录时需要手动指定后端,否则会报错:AttributeError: 'MyUser' object has no attribute 'backend'