auth module is a package for login authentication methods, before we get the username and password entered by the user needs its own query from a corresponding user information table has no objects that match the user name and password, and then with the auth module can be very easy to verify the user's login information exists in the database.
In addition, auth session also made some package to help us verify whether the user is logged on
We can rely auth module to achieve registration, login, logout, change password these operations.
Sign up operation
Auth module from the need to import user method
User object properties: username, saved password (required) password hashing algorithm to use database
is_staff: whether the user has administrative permissions for the site.
Is_active: whether to allow user login, set to `` False `` you can not delete user to disable user login
auth module default auth_user this table
create_user used to create a normal user
from django.contrib.auth.models import User
首先要从auth模块导入user方法 def register(request): if request.method == 'GET': return render(request, 'register.html') else: username = request.POST.get('username') pwd = request.POST.get('pwd') # User.objects.create(username=username, password=pwd) User.objects.create_superuser(username=username, password=pwd, email='[email protected]')
create_superuser是生成超级用户(管理员)
User.objects.create_user(username=username, password=pwd)
return HttpResponse('successs')
Landing operation
Landing operations will use authenticate () and login (HttpRequest, user) two methods
authenticate()
Provides user authentication, which validates the username and password are correct, it normally takes two keyword arguments username password
If the authentication information is valid, it returns a User object. authenticate () will be provided on a User object attribute that identifies the user authentication backend authentication and the login information is later in the process is required. When we attempted to land a take out directly from the database without authenticate () User object will complain! !
login(HttpRequest, user)
login takes an HttpRequest object and a User object certified
This function uses the session django framework of an authenticated user to additional information on the session id
Import the auth django.contrib from
USER_OBJ = auth.authenticate (Request, username = username, password pwd =)
## the authenticate: mainly from the auth - user queries are this table data, the object returns a USER_OBJ
IF USER_OBJ:
#### setting the session
the auth.login (Request, User = USER_OBJ)
action:
1. set Cookie, the session
2. request.user generating object, the object can be re-used in the function views
3. request.user object corresponds request.session