1.效果展示
1.1登录页面
1.2注册页面
1.3主页(页面简直不能再简单了)
2.功能实现
2.1用户密码加盐后加密处理
import hashlib
def hash_code(s,salt='mysite'):
h = hashlib.sha256()
s = s + salt
h.update(s.encode())
return h.hexdigest()
2.2登录
def login(request):
if request.session.get('is_login',None):
return redirect('/index/')
if request.method == 'POST':
login_form = form.UserForm(request.POST)
message = '请检查填写的内容'
if login_form.is_valid():
username = login_form.cleaned_data.get('username')
password = login_form.cleaned_data.get('password')
try:
user = models.User.objects.get(name=username)
except:
message = '用户不存在'
return render(request,'login/login.html',locals())
if not user.has_confirmed:
message = '用户还未经过邮件确认'
return render(request,'login/login.html',locals())
if user.password == hash_code(password):
request.session['is_login'] = True
request.session['user_id'] = user.id
request.session['user_name'] = user.name
return redirect('/index/')
else:
message = '密码不正确'
return render(request,'login/login.html',locals())
else:
return render(request,'login/login.html',locals())
login_form = form.UserForm(request.POST)
return render(request,'login/login.html',locals())
2.3注册时发送确认邮件
def send_mail(email,code):
from django.core.mail import EmailMultiAlternatives
subject = '来自yzj的注册确认邮件'
text_content = '''
感谢注册,这里是yzj\
如果你看到这条消息,说明你的邮箱服务器不提供HTML链接功能,请联系管理员!
'''
html_content = '''
<p>感谢注册<a href="http://{}/confirm/?code={}" target=blank>www.yzj.com</a>,\
这里是yzj</p>
<p>请点击站点链接完成注册确认!</p>
<p>此链接有效期为{}天!</p>
'''.format('127.0.0.1:8000', code, settings.CONFIRM_DAYS)
msg = EmailMultiAlternatives(subject,text_content,settings.EMAIL_HOST_USER,[email])
msg.attach_alternative(html_content,'text/html')
msg.send()
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.qq.com'
EMAIL_HOST_USER = 'xxxxxx@qq.com'
EMAIL_HOST_PASSWORD = 'xxxx'
EMAIL_PORT = 25
EMAIL_USE_TLS = True
CONFIRM_DAYS = 7
2.4自动生成图片验证码
from captcha.fields import CaptchaField
captcha = CaptchaField(label='验证码')
3.小结
github源码.
参考文档:刘江的博客教程.