07. Designing and Using Custom Authentication and Permissions in Django

Posted by Thinkgamer_gyt on 2016-03-31

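I. Custom authentication

Prerequisites

1: Create a simple Django project

2: A simple login module

3: The basic configuration is assumed to be complete

4: For the User configuration, see the previous post: http://blog.csdn.net/gamer_gyt/article/details/50499653

If any of the above is unclear, see the earlier chapters.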


login/views.py:

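from django import forms
from django.contrib.auth import get_user_model
from django.http import HttpResponse
from django.shortcuts import render

User = get_user_model()  # assumes the User from the previous post is set as AUTH_USER_MODEL

class LoginForm(forms.Form):
    username = forms.CharField(label="username:", max_length=100)
    email = forms.CharField(label="email:", max_length=100)
    pwd = forms.CharField(label="password:", widget=forms.PasswordInput)

def login(request):
    # Show the empty form unless all three fields were submitted.
    # ('email' or 'pwd' or 'username') evaluates to 'email', so that test only checked one key.
    # The form is submitted with GET, so the password appears in the URL; POST with CSRF protection avoids that.
    if not all(k in request.GET for k in ('email', 'pwd', 'username')):
        lf = LoginForm()
        return render(request, "login.html", {"lf": lf})
    lf = LoginForm(request.GET)
    name = lf.data['username']
    email = lf.data['email']
    pwd = lf.data['pwd']  # read here but not verified in this first version
    try:
        user = User.objects.get(email=email, username=name)
    except User.DoesNotExist:
        # A view must return a response, so show the form again.
        return render(request, "login.html", {"lf": lf})
    else:
        return HttpResponse("login in:" + user.username + user.email)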

login.html:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<form method="get" enctype="multipart/form-data">
    {{ lf.as_p }}
    <input type="submit" value="OK">
</form>
</body>
</html>

Start the server

127.0.0.1:8080/logre/login

Click OK:

Done


II. Permission design and use

Create a new blog module and define models.py:

from django.db import models

class Blog(models.Model):
    blog_title = models.CharField(blank=False,verbose_name="標題",max_length=20,unique=True)
    # blank=False means the field is required
    blog_time = models.DateTimeField(verbose_name="發表時間")
    blog_content = models.TextField(blank=False,verbose_name="內容")
    blog_seenum = models.IntegerField(verbose_name="瀏覽量",default=0)
    def __unicode__(self):
        return self.blog_title
    class Meta:
        db_table = "blog"
        permissions=(
            ("can_view","can see blogs"),
            ("can_add","can add blogs"),
            ("can_edit","can edit blogs"),
            ("can_delete","can delete blogs"),
        )

Register it in admin.py:

from django.contrib import admin
from .models import Blog

class BlogAdmin(admin.ModelAdmin):
    list_display = ('blog_title','blog_time','blog_seenum')
    list_filter = ('blog_title','blog_time','blog_seenum')
    search_fields = ('blog_title','blog_time','blog_seenum')
    fields = ('blog_title','blog_time','blog_content','blog_seenum')
    ordering = ('-blog_time',)
admin.site.register(Blog,BlogAdmin)

Create the registration page: regeister.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<form method="get" enctype="multipart/form-data">
    {{ lf.as_p }}
    <input type="submit" value="OK">
</form>
</body>
</html>
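
Add a regeister function to the views module of logre:

from django.contrib.auth.models import Permission
from django.http import HttpResponseRedirect
from django.shortcuts import render

def regeister(request):
    # Show the empty form unless all three fields were submitted.
    if not all(k in request.GET for k in ('email', 'pwd', 'username')):
        lf = LoginForm()
        return render(request, "regeister.html", {"lf": lf})
    lf = LoginForm(request.GET)
    name = lf.data["username"]
    email = lf.data['email']
    pwd = lf.data['pwd']

    user = User()
    user.username = name
    user.email = email
    # set_password() stores the hash that check_password() in login reads;
    # assigning user.pwd does not set that hash.
    user.set_password(pwd)
    user.save()

    # Grant the new user the custom view and add permissions (written to the database immediately).
    user.user_permissions.add(
        Permission.objects.get(codename="can_view"),
        Permission.objects.get(codename='can_add'),
    )
    return HttpResponseRedirect('/logre/login')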

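Change the login function to:

from django.shortcuts import render

def login(request):
    # Show the empty form unless all three fields were submitted.
    if not all(k in request.GET for k in ('email', 'pwd', 'username')):
        lf = LoginForm()
        return render(request, "login.html", {"lf": lf})
    lf = LoginForm(request.GET)
    name = lf.data['username']
    email = lf.data['email']
    pwd = lf.data['pwd']
    try:
        user = User.objects.get(email=email, username=name)
    except User.DoesNotExist:
        user = None
    if user is not None and user.check_password(pwd):
        # Password verified: answer according to the custom permission.
        if user.has_perm('blog.can_view'):
            return HttpResponse("you can see blogs")
        return HttpResponse("you can not  see blogs")
    # Unknown user or wrong password: show the form again instead of returning None.
    return render(request, "login.html", {"lf": lf})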

Register, then log in:

you can see blogs
