0907 self-summary
Refresh in django Auth module
from django.contrib import auth
A Set
Default Auth Form
auth
The default is to use the built-in user
form
Custom Forms Auth
Must be in settings.py
the telling Django
, I now use my newly defined UserInfo
table to do user authentication. Worded as follows:
# 引用Django自带的User表,继承使用时需要设置
AUTH_USER_MODEL = "app名.UserInfo"
In modles.py
creating a form model can AbstractUser
be inherited from because we can see it in the source code that comes with user auth expressed inherited AbstractUser
class can also inherit all we can then customize content for his
from django.contrib.auth.models import AbstractUser
class UserInfo(AbstractUser):
新增的内容
通过源码我们可以看出自带的几个内容
AbstractUser
Built-in field
源码里的内容
username :账号
first_name:姓
last_name:名
email:邮箱
is_staff : 用户是否拥有网站的管理权限.
is_active: 是否允许用户登录, 设置为 False,可以在不删除用户的前提下禁止用户登录。
date_joined:创建日期
Look at his parentAbstractBaseUser
password:密码
last_login:最后一次登入时间
is_active:是否允许用户登录, 设置为 False,可以在不删除用户的前提下禁止用户登录。
Look at his other parentPermissionsMixin
is_superuser:是否为超级账号也就管理员
groups:分组
user_permissions:用户权限
We can then add on this basis
II. Registration Related
Create a regular user
create_user()
Way to create a new user auth offer, it is necessary to provide the necessary parameters (username, password) and so on.
usage:
from django.contrib.auth.models import User
user = User.objects.create_user(username='用户名',password='密码',email='邮箱',...)
Creating a superuser
create_superuser()
Creating a new super user auth provides a method of providing the necessary parameters (username, password) and so on.
usage:
from django.contrib.auth.models import User
user = User.objects.create_superuser(username='用户名',password='密码',email='邮箱',...)
III. Login relevant
Verify Login
authenticate()
Provides user authentication function, namely to verify the user name and password are correct, it normally takes username, password two key parameters.
If authentication is successful (valid user name and password are correct), it will return a User object.
authenticate () sets a property on the rear end of the object to identify User has authenticated the user, and the login information in a subsequent process is required.
usage:
user = authenticate(username='usernamer',password='password')
The objects stored in the login request in
login(HttpRequest, user)
This function takes an HttpRequest object and a User object certified.
This function implements a user login functionality. Essentially it generates a session related data for the user at the rear end.
usage:
from django.contrib.auth import authenticate, login
def my_view(request):
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
login(request, user)
# Redirect to a success page.
...
else:
# Return an 'invalid login' error message.
...
After this setting can be directly request.user
point out that账号相关信息
is_authenticated
forTrue
The objects stored in the login request removal
logout(request)
This function takes a HttpRequest object, no return value.
When the function is called, the current request will clear all session information. Even if the user is not logged in, use this function also does not complain.
usage:
from django.contrib.auth import logout
def logout_view(request):
logout(request)
# Redirect to a success page.
After this set directly request.user
on empty
is_authenticated
forFalse
By certification
is_authenticated()
Used to determine whether the current request certified.
usage:
def my_view(request):
if not request.user.is_authenticated():
return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))
Page operation
{% if request.user.is_authenticated %}
如果里面有通过验证的user就为真没有就没否
IV. Login decorator
login_requierd()
auth provides us with a decorative tool for quick login to add a check to the view.
usage:
from django.contrib.auth.decorators import login_required
@login_required
def my_view(request):
...
If the user is not logged, it will jump to the django default login URL '/ accounts / login /' and pass the current url to access the absolute path (after a successful landing, will be redirected to the path).
If you want to customize the login URL, you need to be modified by LOGIN_URL in settings.py file.
Example:
LOGIN_URL = '/login/' # 这里配置成你项目登录页面的路由
V. Passwords
Inspection password is correct
check_password(password)
The correct way to check whether a password auth offer, you need to provide the current request the user's password.
The password is correct return True, otherwise False.
usage:
ok = user.check_password('密码')
change Password
set_password(password)
The method of modifying a password provided by the auth received new password to be set as a parameter.
Note: After setting sure to call the save method for user objects! ! !
usage:
user.set_password(password='')
user.save()
VI. Note
上面的写的都是基于auth自带的user表达写的
Importing
from django.contrib.auth.models import User
If it is a custom form, pleaseuser换成你自定义的表单名称