自我学习: Django-用户登录+中间件

以form来做，因为form没有写入能力，比较安全

from django.shortcuts import render, HttpResponse, redirect
from app01 import models
from django import forms
from app01.utils.encrypt import md5

#form需自己定义“字段”
class LoginForm(forms.Form):
    name = forms.CharField(
        label="用户名",
        widget = forms.TextInput(attrs={
   "class": "form-control"})
    )

    pwd = forms.CharField(
        label="密码",
        widget=forms.PasswordInput(attrs={
   "class": "form-control"})
    )
    
	#数据库中密码md5加密，此处将输入的密码md5化，便于对比
    def clean_password(self):
        pwd = self.cleaned_data.get("pwd")
        return md5(pwd)

def login(request):
    """登录"""
    if request.method == "GET":
        form = LoginForm()
        return render(request, 'login.html', {
   'form': form})
    form = LoginForm(data=request.POST)
    if form.is_valid():
        #print(form.cleaned_data)
        admin_object = models.Admin.objects.filter(**form.cleaned_data).first()
        #form.cleaned_data为字典且键名与数据库中字段命名一致
        if not admin_object:   #判断语句，添加错误
            form.add_error("pwd", "