前言
Django附带的认证对于大多数常见情况来说已经足够了,但是如何在 Django 中使用自定义的数据表进行用户认证,有一种较为笨蛋的办法就是自定义好数据表后,使用OnetoOne来跟 Django 的表进行关联,类似于这样:
from django.contrib.auth.models import User class UserProfile(models.Model): """ 用户账号表 """ user = models.OneToOneField(User) name = models.CharField(max_length=32) def __str__(self): return self.name class Meta: verbose_name_plural = verbose_name = "用户账号" ordering = ['id']
这样做虽然可以简单、快速的实现,但是有一个问题就是我们在自己的表中创建一个用户就必须再跟 admin 中的一个用户进行关联,这简直是不可以忍受的。
admin代替默认User model
写我们自定义的 models 类来创建用户数据表来代替默认的User model,而不与django admin的进行关联,相关的官方文档在这里
"htmlcode">
from django.db import models from django.contrib.auth.models import User from django.contrib.auth.models import ( BaseUserManager, AbstractBaseUser ) class UserProfileManager(BaseUserManager): def create_user(self, email, name, password=None): """ 用户创建,需要提供 email、name、password """ if not email: raise ValueError('Users must have an email address') user = self.model( email=self.normalize_email(email), name=name, ) user.set_password(password) user.save(using=self._db) return user def create_superuser(self, email, name, password): """ 超级用户创建,需要提供 email、name、password """ user = self.create_user( email, password=password, name=name, ) user.is_admin = True user.is_active = True user.save(using=self._db) return user class UserProfile(AbstractBaseUser): # 在此处可以配置更多的自定义字段 email = models.EmailField( verbose_name='email address', max_length=255, unique=True, ) name = models.CharField(max_length=32, verbose_name="用户名称") phone = models.IntegerField("电话") is_active = models.BooleanField(default=True) is_admin = models.BooleanField(default=False) objects = UserProfileManager() USERNAME_FIELD = 'email' # 将email 作为登入用户名 REQUIRED_FIELDS = ['name', 'phone'] def __str__(self): return self.email def get_full_name(self): # The user is identified by their email address return self.email def get_short_name(self): # The user is identified by their email address return self.email def has_perm(self, perm, obj=None): "Does the user have a specific permission" # Simplest possible answer: Yes, always return True def has_module_perms(self, app_label): "Does the user have permissions to view the app `app_label`" # Simplest possible answer: Yes, always return True @property def is_staff(self): "Is the user a member of staff" # Simplest possible answer: All admins are staff return self.is_admin
admin 配置
class UserCreationForm(forms.ModelForm): """A form for creating new users. Includes all the required fields, plus a repeated password.""" password1 = forms.CharField(label='Password', widget=forms.PasswordInput) password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput) class Meta: model = models.UserProfile fields = ('email', 'name') def clean_password2(self): password1 = self.cleaned_data.get("password1") password2 = self.cleaned_data.get("password2") if password1 and password2 and password1 != password2: raise forms.ValidationError("Passwords don't match") return password2 def save(self, commit=True): user = super(UserCreationForm, self).save(commit=False) user.set_password(self.cleaned_data["password1"]) if commit: user.save() return user class UserChangeForm(forms.ModelForm): """A form for updating users. Includes all the fields on the user, but replaces the password field with admin's password hash display field. """ password = ReadOnlyPasswordHashField() class Meta: model = models.UserProfile fields = ('email', 'password', 'name', 'is_active', 'is_admin') def clean_password(self): return self.initial["password"] class UserProfileAdmin(BaseUserAdmin): form = UserChangeForm add_form = UserCreationForm list_display = ('email', 'name', 'is_admin', 'is_staff') list_filter = ('is_admin',) fieldsets = ( (None, {'fields': ('email', 'password')}), ('Personal info', {'fields': ('name',)}), ('Permissions', {'fields': ('is_admin', 'is_active', 'roles', 'user_permissions', 'groups')}), ) add_fieldsets = ( (None, { 'classes': ('wide',), 'fields': ('email', 'name', 'password1', 'password2')} ), ) search_fields = ('email',) ordering = ('email',) filter_horizontal = ('groups', 'user_permissions','roles')
2.Django允许您通过AUTH_USER_MODEL配置来引用自定义的model设置来覆盖默认User模型,这个配置的配置方法为在 settings 中加入:AUTH_USER_MODEL = "APP.model_class"
,例如本例中我们需要在 setting 中加入以下配置:
AUTH_USER_MODEL = "app1.UserProfile"
3.部署
python manage.py makemigrations python manage.py migrate
创建一个新用户,此时我们就可以用这个用户来登录 admin 后台了
python manage.py createsuperuser
效果如下:
自定义认证
那如果我们需要使用我们自己的认证系统呢,假如我们有一个 login 页面和一个 home 页面:
from django.shortcuts import render, HttpResponse, redirect from django.contrib.auth import authenticate,login,logout from app1 import models from django.contrib.auth.decorators import login_required def auth_required(auth_type): # 认证装饰器 def wapper(func): def inner(request, *args, **kwargs): if auth_type == 'admin': ck = request.COOKIES.get("login") # 获取当前登录的用户 if request.user.is_authenticated() and ck: return func(request, *args, **kwargs) else: return redirect("/app1/login/") return inner return wapper def login_auth(request): # 认证 if request.method == "GET": return render(request, 'login.html') elif request.method == "POST": username = request.POST.get('username', None) password = request.POST.get('password', None) user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) _next = request.GET.get("next",'/crm') return redirect('_next') else: return redirect('/app1/login/') else: return redirect('/app1/login/') else: pass def my_logout(request): # 注销 if request.method == 'GET': logout(request) return redirect('/app1/login/') @login_required def home(request): # home page path1, path2 = "Home", '主页' if request.method == "GET": return render(request, 'home.html', locals()) elif request.method == "POST": pass
总结
以上就是这篇文章的全部内容了,希望本文的内容对大家的学习或者工作具有一定的参考学习价值,如果有疑问大家可以留言交流,谢谢大家对的支持。
稳了!魔兽国服回归的3条重磅消息!官宣时间再确认!
昨天有一位朋友在大神群里分享,自己亚服账号被封号之后居然弹出了国服的封号信息对话框。
这里面让他访问的是一个国服的战网网址,com.cn和后面的zh都非常明白地表明这就是国服战网。
而他在复制这个网址并且进行登录之后,确实是网易的网址,也就是我们熟悉的停服之后国服发布的暴雪游戏产品运营到期开放退款的说明。这是一件比较奇怪的事情,因为以前都没有出现这样的情况,现在突然提示跳转到国服战网的网址,是不是说明了简体中文客户端已经开始进行更新了呢?
更新动态
- 凤飞飞《我们的主题曲》飞跃制作[正版原抓WAV+CUE]
- 刘嘉亮《亮情歌2》[WAV+CUE][1G]
- 红馆40·谭咏麟《歌者恋歌浓情30年演唱会》3CD[低速原抓WAV+CUE][1.8G]
- 刘纬武《睡眠宝宝竖琴童谣 吉卜力工作室 白噪音安抚》[320K/MP3][193.25MB]
- 【轻音乐】曼托凡尼乐团《精选辑》2CD.1998[FLAC+CUE整轨]
- 邝美云《心中有爱》1989年香港DMIJP版1MTO东芝首版[WAV+CUE]
- 群星《情叹-发烧女声DSD》天籁女声发烧碟[WAV+CUE]
- 刘纬武《睡眠宝宝竖琴童谣 吉卜力工作室 白噪音安抚》[FLAC/分轨][748.03MB]
- 理想混蛋《Origin Sessions》[320K/MP3][37.47MB]
- 公馆青少年《我其实一点都不酷》[320K/MP3][78.78MB]
- 群星《情叹-发烧男声DSD》最值得珍藏的完美男声[WAV+CUE]
- 群星《国韵飘香·贵妃醉酒HQCD黑胶王》2CD[WAV]
- 卫兰《DAUGHTER》【低速原抓WAV+CUE】
- 公馆青少年《我其实一点都不酷》[FLAC/分轨][398.22MB]
- ZWEI《迟暮的花 (Explicit)》[320K/MP3][57.16MB]