Django comes with a user authentication system. It handles user accounts, groups, permissions and cookie-based user sessions. This section of the documentation explains how the default implementation works out of the box, as well as how to extend and customize it to suit your project’s needs.
Django有一個使用者認證系統。它處理使用者的賬戶、組、許可和基於cookie的使用者session。這部分文件解釋了標準實現過程及針對使用者具體需求進行拓展或定製的方法。

Overview¶概覽

The Django authentication system handles both authentication and authorization. Briefly, authentication verifies a user is who they claim to be, and authorization determines what an authenticated user is allowed to do. Here the term authentication is used to refer to both tasks.
django認證管理系統處理認證和授權。大體上，認證功能認證一個使用者並授權該使用者在許可範圍內進行操作。在這裡，認證包括兩項工作。
The auth system consists of:
認證系統包括：
Users
使用者
Permissions: Binary (yes/no) flags designating whether a user may perform a certain task.
許可：使用二進位制標記實現是否允許使用者進行某一項操作
Groups: A generic way of applying labels and permissions to more than one user.
組：當超過一個使用者的時候，通常採用標籤和許可的方式進行管理。
A configurable password hashing system
一個可配置的密碼雜湊系統
Forms and view tools for logging in users, or restricting content
使用者登入或受限的內容的窗體和檢視工具
A pluggable backend system
可動態增減的後端系統
The authentication system in Django aims to be very generic and doesn’t provide some features commonly found in web authentication systems. Solutions for some of these common problems have been implemented in third-party packages:
認證系統目標是實現普通的認證功能，部分網站認證系統中常見的功能並未進行提供，可以通過第三方包的方式進行補充實現。

Password strength checking
密碼強度檢測。
Throttling of login attempts
限制嘗試登入次數
Authentication against third-parties (OAuth, for example)
對第三方模組的認證

Installation安裝

Authentication support is bundled as a Django contrib module in django.contrib.auth. By default, the required configuration is already included in the settings.py generated by django-admin startproject, these consist of two items listed in your INSTALLED_APPS setting:
認證功能模組在django系統中預設已經安裝，該模組位於django.contrib.auth。預設情況下，所需要的配置已經在django-admin startproject執行時在settings.py中進行了生成，包括兩個專案。
‘django.contrib.auth’ contains the core of the authentication framework, and its default models.
‘django.contrib.auth’ 包含了認證框架的核心和預設的模型model
‘django.contrib.contenttypes’ is the Django content type system, which allows permissions to be associated with models you create.
‘django.contrib.contenttypes’ 時django內容型別系統，它允許一些與你建立的模型相關聯的許可。
and these items in your MIDDLEWARE setting:
這些專案在你的settings.py檔案的MIDDLEWARE專案下：

SessionMiddleware manages sessions across requests.
SessionMiddleware管理有關request的session
AuthenticationMiddleware associates users with requests using sessions.
AuthenticationMiddleware用session關聯使用者和request請求
With these settings in place, running the command manage.py migrate creates the necessary database tables for auth related models and permissions for any models defined in your installed apps.
上述配置設定好以後，執行python manage.py migrate 以建立所需要的認證相關資料庫表及你所安裝的應用中定義的資料模型的相關許可。

Usage用法

Using Django’s default implementation
django的預設方式
Working with User objects
使用User使用者物件
Permissions and authorization
許可和授權
Authentication in web requests
網頁request請求和認證
Managing users in the admin
使用管理模組管理使用者
API reference for the default implementation
預設實現的API參考
Customizing Users and authentication
定製User和認證
Password management in Django
密碼管理

快捷鍵

• 加粗 Ctrl + B
• 斜體 Ctrl + I
• 引用 Ctrl + Q
• 插入連結 Ctrl + L
• 插入程式碼 Ctrl + K
• 插入圖片 Ctrl + G
• 提升標題 Ctrl + H
• 有序列表 Ctrl + O
• 無序列表 Ctrl + U
• 橫線 Ctrl + R
• 撤銷 Ctrl + Z
• 重做 Ctrl + Y