Native Django-[project]-using middleware authentication process-cookie and session

Enterprise 2023-04-08 23:39:35 views: null

1. Basic data

1. Model class

class Usermodel(models.Model):
    id = models.AutoField(primary_key=True)
    user = models.CharField(max_length=32,verbose_name='用户名')
    password = models.CharField(max_length=512,verbose_name='密码')

2. View function

from django.contrib.auth.hashers import make_password, check_password
from django.http import JsonResponse
from django.views import View

2.1. Registration view

class ResgisterView(View):
    def post(self,request):
        username = request.POST.get('username')
        password = request.POST.get('password')
        user = models.Usermodel.objects.filter(user=username)
        if user:
            return JsonResponse({'code':404,'msg':'该用户已经存在了'})
        else:
            #使用django自带的加密模块,对密码进行加密处理
            password = make_password(password=password,salt=username)
            models.Usermodel.objects.create(user=username,password=password)
            return JsonResponse({'code':200,'msg':'用户注册成功'})

2.2. Login view

class LoginView(View):
    def post(self,request):
        user = request.POST.get('username')
        password = request.POST.get('password')
        user_obj = models.Usermodel.objects.filter(user=user).first()
        if user_obj:
            #检查用户的密码是否正确
            is_true = check_password(password,user_obj.password)
            if is_true:
                response = JsonResponse({'code':200,'msg':'登录成功'})
                #设置cookies
                response.set_cookie('name',user)
                #设置session
                request.session['user']=user
                return response
            else:
                return JsonResponse({'code':404,'msg':'密码错误'})
        else:
            return JsonResponse({'code':404,'msg':'用户不存在'})

2.3, home directory [need to log in to enter]

class HomeView(View):
    def get(self,request):
        return JsonResponse({'code':200,'data':[1,2,3,4,5],'msg':'home界面'})

3. Routing

from django.contrib import admin
from django.urls import path,include
from . import views

urlpatterns = [
    path('login/',views.LoginView.as_view(),name='index-login'),
    path('home/',views.HomeView.as_view(),name='index-home'),
    path('register/',views.ResgisterView.as_view(),name='index-register'),
]

2. Middleware authentication class

1. Writing of certification

Under the root project, create a new util package, create the authen.py file, and create the AuthenticationMiddle class

from django.utils.deprecation import MiddlewareMixin
from django.http import JsonResponse
class AuthenticationMiddle(MiddlewareMixin):
    #认证中间件
    def process_request(self,request):
        #无需认证的白名单,后续之间添加进去就可以
        pass_url = ['/index/login/','/index/register/']
        request_path = request.path
        if request_path in pass_url:
            #白名单的路由无需进行认证步骤:如登录功能,或其他无需登录就可以访问的功能
            return None
        else:
            user = request.session.get('user')
            if user:
                #用户登录过了,无需操作
                return None
            else:
                return JsonResponse({'msg':'当前用户还没有登录'},status=403)

2. Register in settings.py

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'util.authen.AuthenticationMiddle',
]

3. Description of the modules used

  1. Encryption module and decryption module

from django.contrib.auth.hashers import make_password, check_password

Encryption module:

pwd = '123'
user = 'lhz'
password = make_password(password=pwd,salt=user)
#password 就是加密后的密码,盐是user,被加密的字符串是pwd
#使用加密的密码,给用户新建一条记录
model.UserModel.objects.create(user=user,password=password)

Decryption module:

pwd = '123'
user = 'lhz'
user_obj = models.UserModel.objects.filter(username=user).first()
#第一个参数是未加密的字符串,第二个参数是加密后的字符串,判断第一个参数加密是否是第二个参数
is_true = check_password(pwd,user_obj.password)
if is_true:
    #用户密码检查通过
else:
    #用户密码错误

2. Use of session and cookies modules

cookies:

from django.http import JsonResponse

def login(request):
    #在登录成功后,在响应对象中,添加的cookies
    #因为cookies数据是存到浏览器中的
    repsonse = JsonResponse({'code':100})
    response.set_cookies.set('user1','用户信息1')
    response.set_cookies.set('user2','用户信息2')
    return response

session:

from django.http import JsonResponse

def login(request):
    #在登录成功后,在响应对象中,添加的cookies
    #因为cookies数据是存到浏览器中的
    repsonse = JsonResponse({'code':100})
    response.set_cookies.set('user1','用户信息1')
    response.set_cookies.set('user2','用户信息2')
    #设置session,登录成功,设置session,用来记录用户登录状态,认证是认证session'数据的
    request.session['is_login']=1
    request.session['user']='当前的用户信息'
    return response

Guess you like

Origin blog.csdn.net/weixin_46371752/article/details/129229385
Recommended
Ranking
How to make the url of the picture have the download attribute and force the download. Jump browser to download automatically.
Lr CC 8.3 Installation Guide
MD5Utils (MD5 encryption tools! Unsalted)
Econ 325 (004)
Photo studio photography appointment app based on java SpringBoot and Vue uniapp
What is b
2017 Second Guangdong strong network Cup online game --Nonstandard
myeclipse8.5 add tomact7
mpeg1, mpeg2 and mpeg4 standard comparative analysis and summary
Tencent sub-sub-group 6-color program
Daily
More
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)
2024-04-17(31)
2024-04-16(23)

Code World

© 2018 codetd.com