django 使用者登入及驗證
阿新 • • 發佈:2019-01-07
1、登入頁面如下:
{% load staticfiles %} <!DOCTYPE html> <html lang="zh-CN"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <!-- ??3賂枚a滷錨*滷?毛??卯?攏盧?潞?盲??露錄*滷?毛煤潞貿--> <meta name="description" content=""> <meta name="author" content=""> <link rel="icon" href="../../favicon.ico"> <title>Signin Template for Bootstrap</title> <!-- Bootstrap core CSS --> <link href="{% static 'bootstrap/css/bootstrap.min.css' %}" rel="stylesheet"> <!-- <link rel="stylesheet" href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"> <link rel="stylesheet" href="https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous"> <script src="https://cdn.bootcss.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script> --> <link href="{% static 'bootstrap/css/signin.css' %}" rel="stylesheet"> </head> <body> <div class="container"> <form class="form-signin" action="/signin/" method="post"> <h2 class="form-signin-heading">Please sign in</h2> <label for="inputUsername" class="sr-only">username</label> <input type="username" name="username" id="inputUsername" class="form-control" placeholder="username" required autofocus> <label for="inputPassword" class="sr-only">Password</label> <input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required> <div class="checkbox"> <label> <input type="checkbox" value="remember-me"> Remember me </label> </div> <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button> </form> </div> <!-- /container --> </body> </html>
2、登入一個使用者
從檢視中登入一個使用者,請使用login()。它接受一個HttpRequest物件和一個User物件。login()使用Django的會話框架來將使用者的ID儲存在會話中。
注意任何在匿名會話中設定的資料都會在使用者登入後的會話中都會記住。
def signin(request): username = request.POST.get('username') password = request.POST.get('password') log = log_config() log.debug(request.POST) log.debug("username:%s password:%s" % (username,password)) user = authenticate(username=username,password=password) if user is not None: if user.is_active: login(request,user) return redirect('/dashboard/') else: return HttpResponse("login.html") else: t = loader.get_template("login.html") return HttpResponse(t.render())
先呼叫authenticate():
當你是手工登入一個使用者時,你必須在呼叫login()之前通過authenticate()成功地認證該使用者。authenticate()在User上設定一個屬性標識哪種認證後臺成功認證了該使用者,且該資訊在後面登入的過程中是需要的。如果你試圖登入一個直接從資料庫中取出的使用者,將會丟擲一個錯誤。
3、登出一個使用者def logout_view(request): logout(request) t = loader.get_template("login.html") return HttpResponse(t.render())
4、只允許登入的使用者訪問
1)使用is_authenticated()
def dashboard(request):
if not request.user.is_authenticated():
return redirect('/index/')
else:
t = loader.get_template("dashboard.html")
return HttpResponse(t.render())
2)使用login_required裝飾器
@login_required
def dashboard(request):
t = loader.get_template("dashboard.html")
return HttpResponse(t.render())