我们用一个小例子来整体说明整个模块的运行方式,首先他包含这几个配置
auth模块,可以提供用户身份认证和权限管理
create_user 创建用户
authenticate 验证登录
login 记录用户的登陆状态
logout 退出登录
一、settings中的配置
AUTH_USER_MODEL=’app0.User‘
LOGIN_URL = './login/'
二、路由
urls.py
from django.urls import path,include
from App0 import views
app_name = 'App0'
urlpatterns = [
path('index/',views.index,name='index'),
path('register/',views.register,name='register'),
path('register_end/',views.register_end,name='register_end'),
path('login/',views.user_login,name='user_login'),
path('logout/', views.user_logout, name='user_logout'),
path('published',views.published,name='published'),
path('change',views.change,name='change'),
]
三、forms验证
forms.py
from django import forms
from django.core.exceptions import ValidationError
class RegisterForm(forms.Form):
username = forms.CharField(min_length=3,validators=[],required=True,error_messages={
'required':'用户名必须输入',
'min_length':'用户名至少3个字符'
})
password = forms.CharField(min_length=3,validators=[],required=True,error_messages={
'required':'密码必须输入',
'min_length':'用户名至少3个字符'
})
confirm= forms.CharField(min_length=3,validators=[],required=True,error_messages={
'required':'密码必须输入',
'min_length':'用户名至少3个字符'
})
register_time = forms.DateTimeField(required=False,error_messages={
'invalid':'日期格式错误',
})
sex = forms.BooleanField(required=True)
age = forms.CharField(required=True)
email = forms.EmailField(required=True)
# 单个字段验证
def clean_password(self):
password = self.cleaned_data.get('password')
if password and password.isdigit():
raise ValidationError('密码不能是纯数字')
return password
# 全局验证
def clean(self):
password = self.cleaned_data.get('password',None)
confirm = self.cleaned_data.get('confirm','')
if password != confirm:
raise ValidationError({'confirm':'两次密码输入不一致'})
return self.cleaned_data
四、模型
models.py
from django.contrib.auth.models import AbstractUser
from django.db import models
# 这里继承python自带的一个用于用户注册的一个类
class User(AbstractUser):
uid = models.AutoField(primary_key=True)
username = models.CharField(max_length=255,unique=True)
password = models.CharField(max_length=255,unique=True)
age = models.IntegerField(unique=False)
sex = models.BooleanField()
register_time = models.DateTimeField()
class Meta:
db_table = 'user'
五、视图函数
views.py
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
from django.shortcuts import render, redirect
from django.http import HttpResponse
from App0.forms import RegisterForm
from App0.models import User
from django.urls import reverse
# Create your views here.
def register(request):
if request.method == 'POST':
# 用提交的数据生成表单
form = RegisterForm(request.POST)
# 能通过验证返回Ture,否则返回False
if form.is_valid():
data = form.cleaned_data
print(data)
else:
# 验证不成功,把错误表单渲染到前端页面
return render(request,'register.html',{'form':form})
return render(request,'register.html')
def register_end(request):
if request.method == 'POST':
form = RegisterForm(request.POST)
if form.is_valid():
data = form.cleaned_data
del data['confirm']
# 或者使用pop data.pop('confirm)
# 把用户写入数据库
# 密码会做签名,不能手动签名加password
# 这里使用create_user很方便
user = User.objects.create_user(**data)
if user:
return HttpResponse("注册成功")
else:
return render(request, 'register.html', {'form': form})
else:
return render(request, 'register.html', {'form': form})
# get 请求
return render(request,'register.html')
def user_login(request):
if request.method == 'POST':
username = request.POST.get('username','')
password = request.POST.get('password','')
# 用户验证,如果正确,返回user对象,否则返回None
user = authenticate(request,username=username,password=password)
if user:
# 记录用户登陆状态,参数是请求对象和用户对象
login(request,user)
return redirect(reverse("App0:index"))
else:
return render(request, 'login.html',{'msg':'用户名密码错误'})
return render(request,'login.html')
def user_logout(request):
# 退出登录
logout(request)
return redirect(reverse('App0:index'))
def index(request):
# 这个属性可以判断是否登陆过
print(request.user.is_authenticated)
return render(request,'index.html')
# 路由保护
@login_required(login_url= '/login/') #reverse('App0:user_login'))
def published(request):
return HttpResponse('发表')
def change(request):
user = User.objects.get(username='tom')
user.set_password('123')
user.save()
return HttpResponse('修改密码')
六、前端模板
index.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
{% if request.user.is_authenticated %}
{{ request.user.username }} <a href="{% url 'App0:user_logout' %}">退出登录</a>
{% else %}
您还没有登录,请先 <a href="{% url 'App0:user_login' %}">登录</a>
{% endif %}
</body>
</html>
login.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>login</title>
</head>
<body>
<form action="{% url 'App0:user_login' %}" method="POST">
{% csrf_token %}
用户名:<input type="text" name="username"><br>
密码:<input type="password" name="password"><br>
<input type="submit" value="登录">
</form>
{{ msg }}
</body>
</html>
register.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>register</title>
</head>
<body>
<form action="{% url 'App0:register_end' %}" method="post">
{% csrf_token %}
用户名:<input type="text" name="username"><br>
{{ form.username.errors }}
密码:<input type="password" name="password"><br>
{{ form.password.errors }}
确认密码:<input type="password" name="confirm"><br>
{{ form.confirm.error }}
性别:<input type="radio" name="sex" value="0">女<input type="radio" name="sex" value="0">男<br>
{{ form.sex.errors }}
email:<input type="email" name="email"><br>
{{ form.email.errors }}
age:<input type="text" name="age"><br>
{{ form.age.errors }}
注册日期:<input type="text" name="register_time"><br>
{{ form.regtime.errors }}
<input type="submit" value="注册">
</form>
</body>
</html>
七、前后端分离
对于前后端分离或者说移动端项目,我们在framwork的框架中还会去学一些别的方式,利用token或者jwt