五 Django 1.5.4 User Authentication 用户认证

一.创建drinker app

 

./manage.py startapp drinker

在INSTALL_APPS添加drinker

用户的Profile模型，django里面是可以自定义的。
通过在settings.py里面指定AUTH_PROFILE_MODULE变量的值就可以了。
AUTH_PROFILE_MODULE ＝ ‘package.model_name’   # profiles.Profile
用户可以使用user.get_profile()来获取自己的profile信息。

在settings.py中添加

 

AUTH_PROFILE_MODULE='drinker.Drinker'

 

里面有一个@login_required标签。其作用就是告诉程序，使用这个方法是要求用户登录的。

1.如果用户还没有登录，默认会跳转到‘/accounts/login/’。这个值可以在settings文件中通过LOGIN_URL参数来设定。（后面还会自动加上你请求的url作为登录后跳转的地址，如：/accounts/login/?next=/polls/3/ 登录完成之后，会去请求/poll/3）

2.如果用户登录了，那么该方法就可以正常执行

添加

 

LOGIN_URL='/login/'

LOGIN_REDIRECT_URL='/profile/'

二.修改drinker/models.py

 

from django.db import models

from django.db.models.signals import post_save

from django.contrib.auth.models import User



# Create your models here.

class Drinker(models.Model):

    user        =models.OneToOneField(User)

    birthday    =models.DateField()

    name        =models.CharField(max_length=100)

    def __unicode__(self):

        return self.name

运行

./manage.py syncdb

三.修改drinker/admin.py

 

from django.contrib import admin

from drinker.models import Drinker



admin.site.register(Drinker)

Meta作用

抽象类

 

class CommonInfo(models.Model):

　　name = models.CharField(max_length = 100)

　　age = models.PositiveIntegerField()

　　

　　class Meta:

　　    Abstract = True

　　

class Student(CommonInfo):

　　home_group = models.CharField(max_length = 5)

这样Student就有三个字段：name, age, home_group,所以CommonInfo不可以用作正常的Django model，因为它只是一个抽象基类,它并不生成一个数据库，不能直接实例化或直接保存数据。所以这种抽象基类是非常有用的，它以python的方式提供了一种方法来提取出公共信息，同时仅当子model在创建数据库时才会创建相应的数据。

 

四.修改drinker/forms.py

最终，如果一个Form实体的数据是合法的，它就会有一个可用的cleaned_data属性。 这是一个包含干净的提交数据的字典。 Django的form框架不但校验数据，它还会把它们转换成相应的Python类型数据，这叫做清理数据。

 

from django import forms

from django.contrib.auth.models import User

from django.forms import ModelForm

from drinker.models import Drinker



class RegistrationForm(ModelForm):

    username=forms.CharField(label=(u'User Name'))

    email   =forms.EmailField(label=(u'Email Address'))

    password=forms.CharField(label=(u'Password'),widget=forms.PasswordInput(render_value=False))

    password1=forms.CharField(label=(u'Verify Password'),widget=forms.PasswordInput(render_value=False))



    class Meta:

        model=Drinker

        exclude=('user',)

    def clean_username(self):

        username=self.cleaned_data['username']

        try:

            User.objects.get(username=username)

        except User.DoesNotExist:

            return username

        raise forms.ValidationError("That username is already taken,please select another.")

    def clean(self):

        if self.cleaned_data['password'] != self.cleaned_data['password1']:

                raise forms.ValidationError("The passwords did not match. Please try again.")

        return self.cleaned_data

class LoginForm(forms.Form):

    username    =forms.CharField(label=(u'User Name'))

    password    =forms.CharField(label=(u'Password'),widget=forms.PasswordInput(render_value=False))

五.修改drinker/views.py

 

from django.http import HttpResponseRedirect

from django.contrib.auth.models import User

from django.contrib.auth.decorators import login_required

from django.shortcuts import render_to_response

from django.template import RequestContext

from drinker.forms import RegistrationForm,LoginForm

from drinker.models import Drinker

from django.contrib.auth import authenticate,login,logout



def DrinkerRegistration(request):

    if request.user.is_authenticated():

        return HttpResponseRedirect('/profile/')

    if request.method == 'POST':

        form =RegistrationForm(request.POST)

        if form.is_valid():

            user =User.objects.create_user(username=form.cleaned_data['username'],email=form.cleaned_data['email'],password=form.cleaned_data['password'])

            user.save()

            drinker=Drinker(user=user,name=form.cleaned_data['name'],birthday=form.cleaned_data['birthday'])

            drinker.save()

            return HttpResponseRedirect('/profile/')

        else:

            return render_to_response('register.html',{'form':form},context_instance=RequestContext(request))

    else:

        form =RegistrationForm()

        context={'form':form}

        return render_to_response('register.html',context,context_instance=RequestContext(request))

@login_required

def Profile(request):

    if not request.user.is_authenticated():

        return HttpResponseRedirect('/login/')

    drinker=request.user.get_profile

    context={'drinker':drinker}

    return render_to_response('profile.html',context,context_instance=RequestContext(request))

def LoginRequest(request):

    if request.user.is_authenticated():

        return HttpResponseRedirect('/profile/')

    if request.method == 'POST':

        form=LoginForm(request.POST)

        if form.is_valid():

            username=form.cleaned_data['username']

            password=form.cleaned_data['password']

            drinker=authenticate(username=username,password=password)

            if drinker is not None:

                login(request,drinker)

                return HttpResponseRedirect('/profile/')

            else:

                return render_to_response('login.html',{'form':form},context_instance=RequestContext(request))

        else:

            return render_to_response('login.html',{'form':form},context_instance=RequestContext(request))

    else:

        form=LoginForm()

        context={'form':form}

        return render_to_response('login.html',context,context_instance=RequestContext(request))

def LogoutRequest(request):

    logout(request)

    return HttpResponseRedirect('/')

Django的User对象提供了一系列的属性和方法，其中password存储的是加密后的密码，is_staff记录用户是否有管理员权限，其他的属性可以参考官方文档。同时django.contrib.auth模块中提供了authenticate()、login()、logout()等函数，分别实现认证、登录、登出等功能。Django还为我们提供了内置的处理login、logout的view函数，但是因为其提供的行为与我们这里要的不一样，所以还需要自己实现view函数。

六.修改templates/register.html

 

{% extends "base.html" %}

{% block extrahead %}

    <script src="http://libs.baidu.com/jquery/1.7.1/jquery.min.js" type="text/javascript"></script>

    <script src="http://libs.baidu.com/jqueryui/1.8.18/jquery-ui.min.js" type="text/javascript"></script>

    <script>

     $(function() {

             $( "#id_birthday" ).datepicker();

             });

    </script>

{% endblock %}

{% block content %}

<form action="" method="post">{% csrf_token %}

    {% if form.errors %}

    <p> Please correct the following fields: </p>

    {% endif %}

    <div class="register_div">

        {% if form.username.errors %} <p class="error"> {{ form.username.errors }} </p> {% endif %}

        <p><label for="username" {% if form.username.errors %} class="error" {% endif %}>Username:</label></p>

        <p>{{ form.username }}</p>

    </div>

    <div class="register_div">

        {% if form.email.errors %} <p class="error"> {{ form.email.errors }} </p> {% endif %}

        <p><label for="email" {% if form.email.errors %} class="error" {% endif %}>Email:</label></p>

        <p>{{ form.email}}</p>

    </div>

    <div class="register_div">

        {% if form.password.errors %} <p class="error"> {{ form.password.errors }} </p> {% endif %}

        <p><label for="password" {% if form.password.errors %} class="error" {% endif %}>Password:</label></p>

        <p>{{ form.password}}</p>

    </div>

    <div class="register_div">

        {% if form.password1.errors %} <p class="error"> {{ form.password1.errors }} </p> {% endif %}

        <p><label for="password1" {% if form.password1.errors %} class="error" {% endif %}>Verify Password:</label></p>

        <p>{{ form.password1}}</p>

    </div>

    <div class="register_div">

        {% if form.birthday.errors %} <p class="error"> {{ form.birthday.errors }} </p> {% endif %}

        <p><label for="birthday" {% if form.birthday.errors %} class="error" {% endif %}>Birthday:</label></p>

        <p>{{ form.birthday}}</p>

    </div>

    <div class="register_div">

        {% if form.name.errors %} <p class="error"> {{ form.name.errors }} </p> {% endif %}

        <p><label for="name" {% if form.name.errors %} class="error" {% endif %}>Name:</label></p>

        <p>{{ form.name}}</p>

    </div>

    <p><input type="submit" alt="register"></p>

</form>

{% endblock %}

templates/login.html

 

{% extends "base.html" %}

{% block content %}

<form action="" method="post">{% csrf_token %}

    {% if form.errors %}

    <p> Please correct the following fields: </p>

    {% endif %}

    <div class="register_div">

        {% if form.username.errors %} <p class="error"> {{ form.username.errors }} </p> {% endif %}

        <p><label for="username" {% if form.username.errors %} class="error" {% endif %}>Username:</label></p>

        <p>{{ form.username }}</p>

    </div>

    <div class="register_div">

        {% if form.password.errors %} <p class="error"> {{ form.password.errors }} </p> {% endif %}

        <p><label for="password" {% if form.password.errors %} class="error" {% endif %}>Password:</label></p>

        <p>{{ form.password}}</p>

    </div>

    <p><input type="submit" alt="register"></p>

</form>

{% endblock %}

templates/base.html

 

<html>

<head>

    <link rel="stylesheet" type="text/css" href="/static/css/video1.css" />

    {% block extrahead %}

    {% endblock %}

</head>

<body>

<div id="pageContainer">

    <div id="nav_top_right">

        {% if user.is_authenticated %}

        <p><a href="/logout/">Logout</a></p>

        {% else %}

        <p><a href="/login/">login</a></p>

        {% endif %}

    </div>

    {% block content %}



    {% endblock %}

</div>

</body>

</html>

templates/profile.html

 

{% extends "base.html" %}

{% block content %}

<p>Name: {{ drinker.name }}</p>

<p>Birthday: {{ drinker.birthday }}</p>

{% endblock %}

urls.py中添加

    

    (r'^register/$','drinker.views.DrinkerRegistration'),

    (r'^login/$','drinker.views.LoginRequest'),

    (r'^logout/$','drinker.views.LogoutRequest'), 

    (r'^profile/$','drinker.views.Profile'),