Django使用者認證系統如何實現自定義
自定義使用者認證系統
Django 自帶的使用者認證系統已經可以滿足大部分的情況,但是有時候我們需要某些特定的需求。Django 支援使用其他認證系統、也可以擴充套件Django的User模組,完全自定義新的認證模組。
參考:https://docs.djangoproject.com/en/2.0/topics/auth/customizing/
a、拷貝以下程式碼到model檔案中:
from django.db import models from django.contrib.auth.models import ( BaseUserManager,AbstractBaseUser ) class MyUserManager(BaseUserManager): def create_user(self,email,name,password=None): """ Creates and saves a User with the given email,date of birth and password. """ if not email: raise ValueError('Users must have an email address') user = self.model( email=self.normalize_email(email),name=name,) user.set_password(password) user.save(using=self._db) return user def create_superuser(self,password): """ Creates and saves a superuser with the given email,date of birth and password. """ user = self.create_user( email,password=password,) user.is_admin = True user.save(using=self._db) return user class UserProfile(AbstractBaseUser): '''賬號表''' email = models.EmailField( verbose_name='email address',max_length=255,unique=True,) name = models.CharField(max_length=32) is_active = models.BooleanField(default=True) is_admin = models.BooleanField(default=False) objects = MyUserManager() USERNAME_FIELD = 'email' REQUIRED_FIELDS = ['name'] def __str__(self): return self.email def has_perm(self,perm,obj=None): "Does the user have a specific permission?" # Simplest possible answer: Yes,always return True def has_module_perms(self,app_label): "Does the user have permissions to view the app `app_label`?" # Simplest possible answer: Yes,always return True @property def is_staff(self): "Is the user a member of staff?" # Simplest possible answer: All admins are staff return self.is_admin
注意:email,name等欄位都是可以自定義的
b、在admin.py中新增如下程式碼:
from django import forms from django.contrib import admin from django.contrib.auth.models import Group from django.contrib.auth.admin import UserAdmin as BaseUserAdmin from django.contrib.auth.forms import ReadOnlyPasswordHashField from customauth.models import MyUser class UserCreationForm(forms.ModelForm): """A form for creating new users. Includes all the required fields,plus a repeated password.""" password1 = forms.CharField(label='Password',widget=forms.PasswordInput) password2 = forms.CharField(label='Password confirmation',widget=forms.PasswordInput) class Meta: model = MyUser fields = ('email','date_of_birth') def clean_password2(self): # Check that the two password entries match password1 = self.cleaned_data.get("password1") password2 = self.cleaned_data.get("password2") if password1 and password2 and password1 != password2: raise forms.ValidationError("Passwords don't match") return password2 def save(self,commit=True): # Save the provided password in hashed format user = super().save(commit=False) user.set_password(self.cleaned_data["password1"]) if commit: user.save() return user class UserChangeForm(forms.ModelForm): """A form for updating users. Includes all the fields on the user,but replaces the password field with admin's password hash display field. """ password = ReadOnlyPasswordHashField() class Meta: model = MyUser fields = ('email','password','date_of_birth','is_active','is_admin') def clean_password(self): # Regardless of what the user provides,return the initial value. # This is done here,rather than on the field,because the # field does not have access to the initial value return self.initial["password"] class UserAdmin(BaseUserAdmin): # The forms to add and change user instances form = UserChangeForm add_form = UserCreationForm # The fields to be used in displaying the User model. # These override the definitions on the base UserAdmin # that reference specific fields on auth.User. list_display = ('email','is_admin') list_filter = ('is_admin',) fieldsets = ( (None,{'fields': ('email','password')}),('Personal info',{'fields': ('date_of_birth',)}),('Permissions',{'fields': ('is_admin',) # add_fieldsets is not a standard ModelAdmin attribute. UserAdmin # overrides get_fieldsets to use this attribute when creating a user. add_fieldsets = ( (None,{ 'classes': ('wide',),'fields': ('email','password1','password2')} ),) search_fields = ('email',) ordering = ('email',) filter_horizontal = () # Now register the new UserAdmin... admin.site.register(MyUser,UserAdmin) # ... and,since we're not using Django's built-in permissions,# unregister the Group model from admin. admin.site.unregister(Group)
C、 在settings.py中新增配置:
AUTH_USER_MODEL = 'customauth.MyUser' #customauth指APP name,MyUser指自定義的使用者表model類
(這個時候仍然可以使用django.contrib.auth import authenticate,login,logout 等認證方法,只是儲存資料的表不一樣)
D、建立超級使用者
首先我們要新建一個使用者名稱,用來登陸管理網站,可以使用如下命令:
python manage.py createsuperuser
輸入想要使用的使用者名稱:
Username (leave blank to use 'administrator'): user01
輸入email:
Email address: (在這裡輸入你的自己的郵箱帳號)
輸入密碼,需要輸入兩次,並且輸入密碼時不會顯示出來:
Password:
Password (again):
當兩次密碼都相同的時候,就會提示超級帳號建立成功。
Superuser created successfully.
E、使用:
用前一步建立的使用者,登陸後臺管理系統http://0.0.0.0:8081/admin/
以上就是本文的全部內容,希望對大家的學習有所幫助,也希望大家多多支援我們。