07.Django中的自定义认证方式和权限的设计与使用

一：自定义认证方式

前提条件

1：建立简单的django工程

2：简单的login模块

3：基础的配置假设已经完成

4：User配置参考上一篇博客http://blog.csdn.net/gamer_gyt/article/details/50499653

以上如果哪点不明白，请查看前边章节诶的内容

 

login/views.py：

class LoginForm(forms.Form): username=forms.CharField(label="username:",max_length=100) email = forms.CharField(label = "email:" , max_length = 100) pwd = forms.CharField(label = "password:" , widget=forms.PasswordInput)

def login(request):
    if ('email' or 'pwd'or 'username') not in request.GET:
        lf = LoginForm()
        return render_to_response("login.html",{"lf":lf})
    lf = LoginForm(request.GET)
    name = lf.data['username']
    email = lf.data['email']
    pwd = lf.data['pwd']
    try:
        user = User.objects.get(email=email,username=name)
    except User.DoesNotExist:
        pass
    else:
   	return HttpResponse("login in:" +user.username + user.email)

login.html:

 

 

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<form method="get" enctype="multipart/form-data">
    {{ lf.as_p }}
    <input type="submit" value="OK">
</form>
</body>
</html>

 

启动服务

127.0.0.1:8080/logre/login

 

点击OK：

 

完工

 

二：权限设计与应用

新建一个blog模块，定义models.py:

 

class Blog(models.Model):
    blog_title = models.CharField(blank=False,verbose_name="标题",max_length=20,unique=True)
    #blank = False 表示该项必选
    blog_time = models.DateTimeField(verbose_name="发表时间")
    blog_content = models.TextField(blank=False,verbose_name="内容")
    blog_seenum = models.IntegerField(verbose_name="浏览量",default=0)
    def __unicode__(self):
        return self.blog_title
    class Meta:
        db_table = "blog"
        permissions=(
            ("can_view","can see blogs"),
            ("can_add","can add blogs"),
            ("can_edit","can edit blogs"),
            ("can_delete","can delete blogs"),
        )

 

在admin.py中进行注册：

 

class BlogAdmin(admin.ModelAdmin):
    list_display = ('blog_title','blog_time','blog_seenum')
    list_filter = ('blog_title','blog_time','blog_seenum')
    search_fields = ('blog_title','blog_time','blog_seenum')
    fields = ('blog_title','blog_time','blog_content','blog_seenum')
    ordering = ('-blog_time',)

 

admin.site.register(Blog,BlogAdmin)

新建注册页面：regeister.html

 

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<form method="get" enctype="multipart/form-data">
    {{ lf.as_p }}
    <input type="submit" value="OK">
</form>
</body>
</html>

在logre的views模块中添加regeister函数

def regeister(request):
    if ('email' or 'pwd'or 'username') not in request.GET:
        lf = LoginForm()
        return render_to_response("regeister.html",{"lf":lf})
    lf = LoginForm(request.GET)
    name = lf.data["username"]
    email = lf.data['email']
    pwd = lf.data['pwd']

    user = User()
    user.username= name
    user.email = email
    user.pwd = pwd
    user.save()

    user.user_permissions = [Permission.objects.get(codename="can_view"),Permission.objects.get(codename='can_add')]
    user.save()
    return HttpResponseRedirect('/logre/login')

 

修改login函数为：

 

def login(request):
    if ('email' or 'pwd'or 'username') not in request.GET:
        lf = LoginForm()
        return render_to_response("login.html",{"lf":lf})
    lf = LoginForm(request.GET)
    name = lf.data['username']
    email = lf.data['email']
    pwd = lf.data['pwd']
    try:
        user = User.objects.get(email=email,username=name)
    except User.DoesNotExist:
        pass
    else:
        if user.check_password(pwd):
            if user.has_perm('blog.can_view'):
                return HttpResponse("you can see blogs")
            return HttpResponse("you can not  see blogs")

 

注册登录：

you can see blogs

---

扫一扫 关注微信公众号！号主 专注于搜索和推荐系统，尝试使用算法去更好的服务于用户，包括但不局限于机器学习，深度学习，强化学习，自然语言理解，知识图谱，还不定时分享技术，资料，思考等文章！

---

                             【技术服务】，详情点击查看：https://mp.weixin.qq.com/s/PtX9ukKRBmazAWARprGIAg 

---