十八 Django 1.5.4 login_required

来源：互联网发布：哪个药店软件正品编辑：程序博客网时间：2024/05/22 00:18

login_required() 完成以下工作：

如果用户未登录，则重定向到settings.LOGIN_URL，在Query String中传递当前绝对路径。例如： /accounts/login/?next=/polls/3/.
如果用户已登录，则正常执行view。在View的代码可假定用户已经登录。

一般，用户在成功认证后重定向的链接保存在query string的next参数。如果你想用其他参数名。login_required()中有可选的redirect_field_name参数。

注意：如果你设置了redirect_field_name，你可能还需要在你的login模板中做相应修改。因为保存重定向路径的模板上下文变量（template context variable）将使用参数 redirect_field_name的值作为key。

login_required() 还提供一个可选的 login_url 参数

注意：login_required修饰符不会检查user的is_active标志位。

访问限制 Limiting access to logged-in users that pass a test

Django提供一种简单的方式来判断用户是否具备某种权限： permission_required() 修饰符

一.login.html

{% extends "base.html" %}{% block title %} Login {% endblock %}{% block content %}<form action="." method="POST">        {% csrf_token %}        {{ mensaje }}        {{ form.as_p }}        {% if next %}                <input type="hidden" value="{{next}}" name="next">        {% else %}                <input type="hidden" value="/" name="next">        {% endif %}        <button class="btn btn-primary" type="submit"> Login </button>        <h5>Registrarte <a href="/registro/">aquí</a></h5></form>{% endblock %}

二.views.py

from django.shortcuts import render_to_responsefrom django.template import RequestContextfrom demo.apps.ventas.models import productofrom demo.apps.home.forms import ContactForm, LoginForm,RegisterFormfrom django.core.mail import EmailMultiAlternatives # Enviamos HTMLfrom django.contrib.auth.models import Userimport djangofrom demo.settings import URL_LOGINfrom django.contrib.auth import login,logout,authenticatefrom django.http import HttpResponseRedirect# Paginacion en Djangofrom django.core.paginator import Paginator,EmptyPage,InvalidPagefrom django.contrib.auth.decorators import login_requireddef index_view(request):        return render_to_response('home/index.html',context_instance=RequestContext(request))@login_required(login_url=URL_LOGIN)def about_view(request):        version = django.get_version()        mensaje = "Esto es un mensaje desde mi vista"        ctx = {'msg':mensaje,'version':version}        return render_to_response('home/about.html',ctx,context_instance=RequestContext(request))def productos_view(request,pagina):        lista_prod = producto.objects.filter(status=True) # Select * from ventas_productos where status = True        paginator = Paginator(lista_prod,5) # Cuantos productos quieres por pagina? = 3        try:                page = int(pagina)        except:                page = 1        try:                productos = paginator.page(page)        except (EmptyPage,InvalidPage):                productos = paginator.page(paginator.num_pages)        ctx = {'productos':productos}        return render_to_response('home/productos.html',ctx,context_instance=RequestContext(request))def singleProduct_view(request,id_prod):        prod = producto.objects.get(id=id_prod)        cats = prod.categorias.all() # Obteniendo las categorias del producto encontrado        ctx = {'producto':prod,'categorias':cats}        return render_to_response('home/SingleProducto.html',ctx,context_instance=RequestContext(request))@login_required(login_url=URL_LOGIN)def contacto_view(request):        info_enviado = False # Definir si se envio la informacion o no se envio        email = ""        titulo = ""        texto = ""        if request.method == "POST":                formulario = ContactForm(request.POST)                if formulario.is_valid():                        info_enviado = True                        email = formulario.cleaned_data['Email']                        titulo = formulario.cleaned_data['Titulo']                        texto = formulario.cleaned_data['Texto']                        # Configuracion enviando mensaje via GMAIL                        to_admin = 'alexexc2@gmail.com'                        html_content = "Informacion recibida de [%s] <br><br><br>***Mensaje****<br><br>%s"%(email,texto)                        msg = EmailMultiAlternatives('Correo de Contacto',html_content,'from@server.com',[to_admin])                        msg.attach_alternative(html_content,'text/html') # Definimos el contenido como HTML                        msg.send() # Enviamos en correo        else:                formulario = ContactForm()        ctx = {'form':formulario,'email':email,'titulo':titulo,'texto':texto,'info_enviado':info_enviado}        return render_to_response('home/contacto.html',ctx,context_instance=RequestContext(request))def login_view(request):        mensaje = ""        if request.user.is_authenticated():                return HttpResponseRedirect('/')        else:                if request.method == "POST":                        form = LoginForm(request.POST)                        if form.is_valid():                                next = request.POST['next']                                username = form.cleaned_data['username']                                password = form.cleaned_data['password']                                usuario = authenticate(username=username,password=password)                                if usuario is not None and usuario.is_active:                                        login(request,usuario)                                        return HttpResponseRedirect(next)                                else:                                        mensaje = "usuario y/o password incorrecto"                next = request.REQUEST.get('next')                form = LoginForm()                ctx = {'form':form,'mensaje':mensaje,'next':next}                return render_to_response('home/login.html',ctx,context_instance=RequestContext(request))def logout_view(request):        logout(request)        return HttpResponseRedirect('/')def register_view(request):        form = RegisterForm()        if request.method == "POST":                form = RegisterForm(request.POST)                if form.is_valid():                        usuario = form.cleaned_data['username']                        email = form.cleaned_data['email']                        password_one = form.cleaned_data['password_one']                        password_two = form.cleaned_data['password_two']                        u = User.objects.create_user(username=usuario,email=email,password=password_one)                        u.save() # Guardar el objeto                        return render_to_response('home/thanks_register.html',context_instance=RequestContext(request))                else:                        ctx = {'form':form}                        return         render_to_response('home/register.html',ctx,context_instance=RequestContext(request))        ctx = {'form':form}        return render_to_response('home/register.html',ctx,context_instance=RequestContext(request))

三.login.html

{% extends "base.html" %}{% block title %} Login {% endblock %}{% block content %}<form action="." method="POST">        {% csrf_token %}        {{ mensaje }}        {{ form.as_p }}        {% if next %}                <input type="hidden" value="{{next}}" name="next">        {% else %}                <input type="hidden" value="/" name="next">        {% endif %}        <button class="btn btn-primary" type="submit"> Login </button>        <h5>Registrarte <a href="/registro/">aquí</a></h5></form>{% endblock %}