CMDB精读-登录验证模块
效果展示
功能包含登录,验证码实现
代码实现
用户登录相关--models.py---
#!/usr/bin/env python # -*- coding:utf-8 -*- from django.db import models import datetime class UserType(models.Model): caption = models.CharField(max_length=32, db_index=True, unique=True) code = models.CharField(max_length=32, db_index=True, unique=True) def __unicode__(self): return self.caption class Meta: verbose_name_plural = "用户类型" class UserProfile(models.Model): user_type = models.ForeignKey('UserType') name = models.CharField(u'名字', max_length=32) email = models.EmailField(u'邮箱') phone = models.CharField(u'座机', max_length=50) mobile = models.CharField(u'手机', max_length=32) memo = models.TextField(u'备注', blank=True) create_at = models.DateTimeField(blank=True, auto_now_add=True) update_at = models.DateTimeField(blank=True, auto_now=True) class Meta: verbose_name = '用户信息' verbose_name_plural = "用户信息" def __unicode__(self): return self.name class AdminInfo(models.Model): #并非所有用户均需要登录权限,所以将用户名、密码单拆出来,一对一到用户信息表 user_info = models.OneToOneField(UserProfile) username = models.CharField(u'用户名', max_length=256) password = models.CharField(u'密码', max_length=256) class Meta: verbose_name_plural = "用户登陆账号" class UserGroup(models.Model): #用户和用户组多对多关系 name = models.CharField(max_length=32, db_index=True, unique=True) users = models.ManyToManyField('UserProfile', null=True, blank=True) def __unicode__(self): return self.name class Meta: verbose_name_plural = "用户组"
用户登录相关--urls.py--
url(r'account/checkcode/$', account.check_code), #验证码接口 url(r'account/login/$', account.login), url(r'account/logout/$', account.logout),
用户登录相关--views/account.py--
1 #!/usr/bin/env python 2 # -*- coding:utf-8 -*- 3 import StringIO 4 from django.shortcuts import render_to_response 5 from django.shortcuts import HttpResponse 6 from django.shortcuts import redirect 7 from backend.commons.check_code import create_validate_code 8 from web_manage.bll import account_manager 9 from web_manage.forms.account import LoginForm 10 import json 11 12 13 def check_code(request): 14 stream_obj = StringIO.StringIO() #用于字符串的缓存,stream_obj的方法同文件操作,这样的好处不用每次生成验证码图片,而放置于内存中 15 validate_code = create_validate_code() 16 img = validate_code[0] 17 img.save(stream_obj, "GIF") 18 request.session["CheckCode"] = validate_code[1] 19 return HttpResponse(stream_obj.getvalue()) 20 21 22 def login(request): 23 error = '' 24 login_form = LoginForm(request.POST) 25 if request.method == 'POST': 26 check = request.POST.get('checkcode',None) 27 if check != request.session['CheckCode'].lower(): 28 error = '验证码错误.' 29 else: 30 if not login_form.is_valid(): 31 error = '用户名或密码格式错误.' 32 else: 33 data = login_form.clean() 34 result = account_manager.check_valid(**data) 35 if result.status: 36 ret = {'id': result.data.user_info.id, 'name': result.data.user_info.name} 37 request.session['auth_user'] = json.dumps(ret) 38 target = request.GET.get('back', '/home/index/') 39 return redirect(target) 40 else: 41 error = '用户名或密码错误.' 42 43 return render_to_response('account/login.html', {'model': login_form,'error': error}) 44 45 46 def logout(request): 47 del request.session['auth_user'] #删除session 48 request.username = '' 49 return redirect('/account/login/')
验证码功能实现(views部分参考上一部分)
验证码插件--backend/commons/check_code.py
1 #!/usr/bin/env python 2 # -*- coding:utf-8 -*- 3 4 import random 5 from PIL import Image, ImageDraw, ImageFont, ImageFilter 6 7 _letter_cases = "abcdefghjkmnpqrstuvwxy" # 小写字母,去除可能干扰的i,l,o,z 8 _upper_cases = _letter_cases.upper() # 大写字母 9 _numbers = ''.join(map(str, range(3, 10))) # 数字 10 init_chars = ''.join((_letter_cases, _upper_cases, _numbers)) 11 12 13 def create_validate_code(size=(120, 30), 14 chars=init_chars, 15 img_type="GIF", 16 mode="RGB", 17 bg_color=(255, 255, 255), 18 fg_color=(0, 0, 255), 19 font_size=18, 20 font_type="Monaco.ttf", 21 length=4, 22 draw_lines=True, 23 n_line=(1, 2), 24 draw_points=True, 25 point_chance = 2): 26 ''' 27 @todo: 生成验证码图片 28 @param size: 图片的大小,格式(宽,高),默认为(120, 30) 29 @param chars: 允许的字符集合,格式字符串 30 @param img_type: 图片保存的格式,默认为GIF,可选的为GIF,JPEG,TIFF,PNG 31 @param mode: 图片模式,默认为RGB 32 @param bg_color: 背景颜色,默认为白色 33 @param fg_color: 前景色,验证码字符颜色,默认为蓝色#0000FF 34 @param font_size: 验证码字体大小 35 @param font_type: 验证码字体,默认为 ae_AlArabiya.ttf 36 @param length: 验证码字符个数 37 @param draw_lines: 是否划干扰线 38 @param n_lines: 干扰线的条数范围,格式元组,默认为(1, 2),只有draw_lines为True时有效 39 @param draw_points: 是否画干扰点 40 @param point_chance: 干扰点出现的概率,大小范围[0, 100] 41 @return: [0]: PIL Image实例 42 @return: [1]: 验证码图片中的字符串 43 ''' 44 45 width, height = size # 宽, 高 46 img = Image.new(mode, size, bg_color) # 创建图形 47 draw = ImageDraw.Draw(img) # 创建画笔 48 49 def get_chars(): 50 '''生成给定长度的字符串,返回列表格式''' 51 return random.sample(chars, length) 52 53 def create_lines(): 54 '''绘制干扰线''' 55 line_num = random.randint(*n_line) # 干扰线条数 56 57 for i in range(line_num): 58 # 起始点 59 begin = (random.randint(0, size[0]), random.randint(0, size[1])) 60 #结束点 61 end = (random.randint(0, size[0]), random.randint(0, size[1])) 62 draw.line([begin, end], fill=(0, 0, 0)) 63 64 def create_points(): 65 '''绘制干扰点''' 66 chance = min(100, max(0, int(point_chance))) # 大小限制在[0, 100] 67 68 for w in xrange(width): 69 for h in xrange(height): 70 tmp = random.randint(0, 100) 71 if tmp > 100 - chance: 72 draw.point((w, h), fill=(0, 0, 0)) 73 74 def create_strs(): 75 '''绘制验证码字符''' 76 c_chars = get_chars() 77 strs = ' %s ' % ' '.join(c_chars) # 每个字符前后以空格隔开 78 79 font = ImageFont.truetype(font_type, font_size) 80 font_width, font_height = font.getsize(strs) 81 82 draw.text(((width - font_width) / 3, (height - font_height) / 3), 83 strs, font=font, fill=fg_color) 84 85 return ''.join(c_chars) 86 87 if draw_lines: 88 create_lines() 89 if draw_points: 90 create_points() 91 strs = create_strs() 92 93 # 图形扭曲参数 94 params = [1 - float(random.randint(1, 2)) / 100, 95 0, 96 0, 97 0, 98 1 - float(random.randint(1, 10)) / 100, 99 float(random.randint(1, 2)) / 500, 100 0.001, 101 float(random.randint(1, 2)) / 500 102 ] 103 img = img.transform(size, Image.PERSPECTIVE, params) # 创建扭曲 104 105 img = img.filter(ImageFilter.EDGE_ENHANCE_MORE) # 滤镜,边界加强(阈值更大) 106 107 return img, strs 108 109 110 create_validate_code()
前端html部分--login.html--
<div class="input-group"> <span class="input-group-addon"><i class="fa fa-pencil-square-o"></i></span> <input type="text" name="checkcode" class="form-control check-code" placeholder="验证码"> <img onclick='ChangeCode();' id='imgCode' src="/account/checkcode/"> </div>
前端js部分--login.html--
<script src='/static/js/jquery-1.8.2.min.js'></script>
<script src='/static/js/valid.js'></script>
<script type="text/javascript">
$(function(){
$.login('#Form',''); //login的验证js插件
})
function ChangeCode() {
var code = document.getElementById('imgCode');
code.src += '?'; //每次点击会从服务器get验证码图片,默认浏览器有缓存,不会重新提交给服务器,此处加问号,可以让该url每次均从服务器来进行获取,实现点击刷新验证码的效果
}
</script>
页面登录状态验证装饰器--backend/decorators/login_auth.py--
#!/usr/bin/env python # -*- coding:utf-8 -*- from cmdbdemo import settings from django.shortcuts import redirect import json # ########## 用于验证用户是否登陆的装饰器 ########## def login_auth(func): """ 如果用户已经登陆,则执行相应的Views中的函数,否则,跳转至 settings中设置的LOGIN_URL地址,即: '/account/login/'""" def wrapper(request, *args, **kwargs): #将被装饰函数的所有参数导入装饰器 result = request.session.get('auth_user', None) #在views/account.py中,登录后设置session if not result: login_url = '%s?back=%s' % (settings.LOGIN_URL, request.path) return redirect(login_url) result = json.loads(result) request.username = result['name'] response = func(request, *args, **kwargs) return response return wrapper
views.py调用示例
@login_auth def init_config(request): nid = request.POST.get('nid') response = asset_manager.init_config(nid=nid) return HttpResponse(json.dumps(response.__dict__))