摘要
django框架本身自带有登录注册,也可以自己写登录注册,下面将介绍这这2种方式实登录注册
一、自己写登录注册登出
1.注册regist
注册采用的是form表单,提交到数据库,在登录的时候,查询数据看,看用户有没有注册,如果用户没有注册,则返回注册页面注册
(1)models.py文件里创建相关的字段: 用户名字/用户密码/cookies携带的ticket
1
2
3
4
5
6
7
8
9
10
11
|
from django.db import models # create your models here. class users(models.model): u_name = models.charfield(max_length = 10 ) u_password = models.charfield(max_length = 255 ) u_ticket = models.charfield(max_length = 30 , null = true) class meta: db_table = 'day51_user' |
(2)urls.py 配置相关路由
1
2
3
4
5
6
7
|
from django.conf.urls import url from uauth import views urlpatterns = [ url(r '^regist/' , views.regist), url(r '^login/' , views.login), url(r '^logout' , views.logout) ] |
(3)views.py 书写regist方法
导入相关的包,在regist,login,logout都会使用到
1
2
3
4
5
6
7
8
9
10
|
import random import time from django.contrib import auth from django.contrib.auth.hashers import make_password,check_password from django.contrib.auth.models import user from django.http import httpresponseredirect, httpresponse from django.shortcuts import render from django.core.urlresolvers import reverse # create your views here. from uauth.models import users |
如果用户请求regist方法,则直接跳转到相关的html页面。
如果用户在html页面点击了post按钮,对密码进行加密后,将数据提交到数据库,并返回登录login页面。
获得post提交的表单文字,使用request.post.get(' ')
1
2
3
4
5
6
7
8
9
10
11
|
def regist(request): if request.method = = 'get' : return render(request, 'day6_regist.html' ) if request.method = = 'post' : # 注册 name = request.post.get( 'name' ) password = request.post.get( 'password' ) # 对密码进行加密 password = make_password(password) users.objects.create(u_name = name, u_password = password) return httpresponseredirect( '/uauth/login/' ) |
编写regist的提交表单, method方法选择'post'
文件目录在templates下[图片上传中...(image.png-cc7763-1526105439415-0)]
{%csrf_token%}是针对提交的时候csrf跨域错误
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
<!doctype html> <html lang = "en" > <head> <meta charset = "utf-8" > <title>注册页面< / title> < / head> <body> <form action = " " method=" post"> { % csrf_token % } 注册姓名:< input type = "text" name = "name" > 注册密码:< input type = "password" name = "password" > < input type = "submit" value = "提交" > < / form> < / body> < / html> |
2.登录login
(1)配置路由urls.py, 与注册的时候一样的操作
(2)配置views.py, 编写login方法
如果是get请求,则跳转到登录的html界面中
1
2
3
|
def login(request): if request.method = = 'get' : return render(request, 'day6_login.html' ) |
如果是post请求,则将获得的用户密码与数据库的用户密码进行比较。如果相同,就赋值一个ticker到浏览器上,将ticket存入数据库中,这样后续的浏览器操作只需判断ticket是否正确就好,如果错误,返回登录界面
知识点
绑定cookie命令: set_cookie
查询一个用户是否存在:exists()
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
def login(request): if request.method = = 'get' : return render(request, 'day6_login.html' ) if request.method = = 'post' : # 如果登录成功,绑定参数到cookie中,set_cookie name = request.post.get( 'name' ) password = request.post.get( 'password' ) # 查询用户是否在数据库中 if users.objects. filter (u_name = name).exists(): user = users.objects.get(u_name = name) if check_password(password, user.u_password): # ticket = 'agdoajbfjad' ticket = '' for i in range ( 15 ): s = 'abcdefghijklmnopqrstuvwxyz' # 获取随机的字符串 ticket + = random.choice(s) now_time = int (time.time()) ticket = 'tk' + ticket + str (now_time) # 绑定令牌到cookie里面 # response = httpresponse() response = httpresponseredirect( '/stu/index/' ) #max_age 存活时间(秒) response.set_cookie( 'ticket' , ticket, max_age = 10000 ) # 存在服务端 user.u_ticket = ticket user.save() #保存 return response else : # return httpresponse('用户密码错误') return render(request, 'day6_login.html' , { 'password' : '用户密码错误' }) else : # return httpresponse('用户不存在') return render(request, 'day6_login.html' , { 'name' : '用户不存在' }) |
登录相关的html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
<!doctype html> <html lang = "en" > <head> <meta charset = "utf-8" > <title>登录页面< / title> < / head> <body> <form action = " " method=" post"> { % csrf_token % } 登录姓名:< input type = "text" name = "name" > 登录密码:< input type = "password" name = "password" > < input type = "submit" value = "提交" > < / form> < / body> < / html> |
相关的数据库
补充说明:如何在主页中判断ticket
知识点:获得浏览器cookie携带的ticket: request.cookies.get('ticket')
这只能判断一个网页需不需要进行判断验证,如果需要很多网页进行验证,这是需要采用中间件,这个稍候会涉及到
1
2
3
4
5
6
7
8
9
10
11
|
def index(request): if request.method = = 'get' : # 获取所有学生信息 ticket = request.cookies.get( 'ticket' ) if not ticket: return httpresponseredirect( '/uauth/login/' ) if users.objects. filter (u_ticket = ticket).exists(): stuinfos = studentinfo.objects. all () return render(request, 'index.html' , { 'stuinfos' : stuinfos}) else : return httpresponseredirect( '/uauth/login/' ) |
3.登出系统
实现登出目的,选择删除数据库中的ticket:delete_cookie
登出过后,自动跳转到登录界面
1
2
3
4
5
6
|
def logout(request): if request.method = = 'get' : # response = httpresponse() response = httpresponseredirect( '/uauth/login/' ) response.delete_cookie( 'ticket' ) return response |
4.中间件middleware
应用:在django中,中间件其实就是一个类,在请求到来和结束后,django会根据自己的规则在合适的时机执行中间件中相应的方法。
中间件的5个方法:
process_request(self,request) :当用户发起请求的时候会依次经过所有的的中间件,这个时候的请求是process_request :
process_view(self, request, callback, callback_args, callback_kwargs) :进入views函数, 执行process_view
process_template_response(self,request,response) : 只有当views函数中返回的对象中具有render方法,是就会直接process_template_responseprocess
process_exception(self, request, exception) : 当views的函数中出现错误时,就会执行process_exception方法
process_response(self, request, response)
:views函数处理后,在依次穿过中间件,这个时候是process_response,最后返回给请求者
中间件的运行流程
5. 使用中间件完成登录的验证
中间件return none 或什么都不返回的时候表示什么都不做,跳过这一个过程
配置中间件,实现登录的验证
(1)配置settings.py
1) 在主工程文件下创建一个utils文件,
在utils里: a. 创建中间件文件(名字自己取) b.创建一个工程文件 __init__.py
2)settings.py配置
在middileware里添加相关的文件路径
3) 配置相关的中间件文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
from django.http import httpresponseredirect from django.utils.deprecation import middlewaremixin from uauth.models import users from stu.models import countaddstu class authmiddleware(middlewaremixin): def process_request( self , request): # 统一验证登录 # return none 或者 不写return才会继续往下执行, 不需要执行 if request.path = = '/uauth/login/' or request.path = = '/uauth/regist/' : return none ticket = request.cookies.get( 'ticket' ) if not ticket: return httpresponseredirect( '/uauth/login/' ) users = users.objects. filter (u_ticket = ticket) if not users: return httpresponseredirect( '/uauth/login/' ) # 将user赋值在request请求的user上,以后可以直接判断user有没有存在 # 备注,django自带的有user值 request.user = users[ 0 ] |
6. 至此,自己建造的登录验证系统已经完成
二、 django自带的登录验证系统
自带的登录验证系统中不需要自己手动的设置ticket
1.settings.py文件中配置没登录的跳转页面
1
|
login_url = '/uauth/dglogin' |
2.urls.py中配置相关路由
1
2
3
4
5
6
7
|
from django.conf.urls import url from uauth import views urlpatterns = [ url(r 'dglogin/' , views.dglogin), url(r '^dgregist/' , views.dgregist), url(r '^dglogout/' , views.dglogout) ] |
3. views.py导入相关的库文件
1
2
3
4
5
|
from django.contrib import auth from django.contrib.auth.hashers import make_password, check_password from django.contrib.auth.models import user from django.http import httpresponseredirect, httpresponse from django.shortcuts import render |
4.views.py文件中书写注册dgregist方法
1
2
3
4
5
6
7
8
9
|
from django.contrib.auth.models import user def dgregist(request): if request.method = = 'get' : return render(request, 'day6_regist.html' ) if request.method = = 'post' : name = request.post.get( 'name' ) password = request.post.get( 'password' ) user.objects.create_user(username = name, password = password) return httpresponseredirect( '/uauth/dglogin/' ) |
5. views.py文件中书写注册dglogin方法
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
def dglogin(request): if request.method = = 'get' : return render(request, 'login.html' ) if request.method = = 'post' : name = request.post.get( 'name' ) password = request.post.get( 'password' ) # 验证用户名和密码,通过的话,返回user对象 user = auth.authenticate(username = name, password = password) if user: auth.login(request, user) return httpresponseredirect( '/stu/index/' ) else : return render(request, 'index.html' ) |
6. 在app的urls.py中设置验证require
1
2
3
4
5
6
7
|
from django.conf.urls import url from django.contrib.auth.decorators import login_required from stu import views urlpatterns = [ url(r 'addstu/' , login_required(views.addstu), name = 'add' ), url(r 'index/' , login_required(views.index)), ] |
7.登出dglogout
1
2
3
4
5
|
def dglogout(request): if request.method = = 'get' : auth.logout(request) return httpresponseredirect( '/uauth/dglogin' ) |
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持服务器之家。
原文链接:https://www.jianshu.com/p/0a1145167a8d