1. Basic data
1. Model class
class Usermodel(models.Model):
id = models.AutoField(primary_key=True)
user = models.CharField(max_length=32,verbose_name='用户名')
password = models.CharField(max_length=512,verbose_name='密码')
2. View function
from django.contrib.auth.hashers import make_password, check_password
from django.http import JsonResponse
from django.views import View
2.1. Registration view
class ResgisterView(View):
def post(self,request):
username = request.POST.get('username')
password = request.POST.get('password')
user = models.Usermodel.objects.filter(user=username)
if user:
return JsonResponse({'code':404,'msg':'该用户已经存在了'})
else:
#使用django自带的加密模块,对密码进行加密处理
password = make_password(password=password,salt=username)
models.Usermodel.objects.create(user=username,password=password)
return JsonResponse({'code':200,'msg':'用户注册成功'})
2.2. Login view
class LoginView(View):
def post(self,request):
user = request.POST.get('username')
password = request.POST.get('password')
user_obj = models.Usermodel.objects.filter(user=user).first()
if user_obj:
#检查用户的密码是否正确
is_true = check_password(password,user_obj.password)
if is_true:
response = JsonResponse({'code':200,'msg':'登录成功'})
#设置cookies
response.set_cookie('name',user)
#设置session
request.session['user']=user
return response
else:
return JsonResponse({'code':404,'msg':'密码错误'})
else:
return JsonResponse({'code':404,'msg':'用户不存在'})
2.3, home directory [need to log in to enter]
class HomeView(View):
def get(self,request):
return JsonResponse({'code':200,'data':[1,2,3,4,5],'msg':'home界面'})
3. Routing
from django.contrib import admin
from django.urls import path,include
from . import views
urlpatterns = [
path('login/',views.LoginView.as_view(),name='index-login'),
path('home/',views.HomeView.as_view(),name='index-home'),
path('register/',views.ResgisterView.as_view(),name='index-register'),
]
2. Middleware authentication class
1. Writing of certification
Under the root project, create a new util package, create the authen.py file, and create the AuthenticationMiddle class
from django.utils.deprecation import MiddlewareMixin
from django.http import JsonResponse
class AuthenticationMiddle(MiddlewareMixin):
#认证中间件
def process_request(self,request):
#无需认证的白名单,后续之间添加进去就可以
pass_url = ['/index/login/','/index/register/']
request_path = request.path
if request_path in pass_url:
#白名单的路由无需进行认证步骤:如登录功能,或其他无需登录就可以访问的功能
return None
else:
user = request.session.get('user')
if user:
#用户登录过了,无需操作
return None
else:
return JsonResponse({'msg':'当前用户还没有登录'},status=403)
2. Register in settings.py
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'util.authen.AuthenticationMiddle',
]
3. Description of the modules used
Encryption module and decryption module
from django.contrib.auth.hashers import make_password, check_password
Encryption module:
pwd = '123'
user = 'lhz'
password = make_password(password=pwd,salt=user)
#password 就是加密后的密码,盐是user,被加密的字符串是pwd
#使用加密的密码,给用户新建一条记录
model.UserModel.objects.create(user=user,password=password)
Decryption module:
pwd = '123'
user = 'lhz'
user_obj = models.UserModel.objects.filter(username=user).first()
#第一个参数是未加密的字符串,第二个参数是加密后的字符串,判断第一个参数加密是否是第二个参数
is_true = check_password(pwd,user_obj.password)
if is_true:
#用户密码检查通过
else:
#用户密码错误
2. Use of session and cookies modules
cookies:
from django.http import JsonResponse
def login(request):
#在登录成功后,在响应对象中,添加的cookies
#因为cookies数据是存到浏览器中的
repsonse = JsonResponse({'code':100})
response.set_cookies.set('user1','用户信息1')
response.set_cookies.set('user2','用户信息2')
return response
session:
from django.http import JsonResponse
def login(request):
#在登录成功后,在响应对象中,添加的cookies
#因为cookies数据是存到浏览器中的
repsonse = JsonResponse({'code':100})
response.set_cookies.set('user1','用户信息1')
response.set_cookies.set('user2','用户信息2')
#设置session,登录成功,设置session,用来记录用户登录状态,认证是认证session'数据的
request.session['is_login']=1
request.session['user']='当前的用户信息'
return response