07.Django中的自定义认证方式和权限的设计与使用

来源：互联网发布：初学java用什么编译器编辑：程序博客网时间：2024/06/13 11:03

一：自定义认证方式

前提条件

1：建立简单的django工程

2：简单的login模块

3：基础的配置假设已经完成

4：User配置参考上一篇博客http://blog.csdn.net/gamer_gyt/article/details/50499653

以上如果哪点不明白，请查看前边章节诶的内容

class LoginForm(forms.Form):   username=forms.CharField(label="username:",max_length=100)   email = forms.CharField(label = "email:" , max_length = 100)   pwd = forms.CharField(label = "password:" , widget=forms.PasswordInput)
def login(request):    if ('email' or 'pwd'or 'username') not in request.GET:        lf = LoginForm()        return render_to_response("login.html",{"lf":lf})    lf = LoginForm(request.GET)    name = lf.data['username']    email = lf.data['email']    pwd = lf.data['pwd']    try:        user = User.objects.get(email=email,username=name)    except User.DoesNotExist:        pass    else:   return HttpResponse("login in:" +user.username + user.email)

<!DOCTYPE html><html lang="en"><head>    <meta charset="UTF-8">    <title>Title</title></head><body><form method="get" enctype="multipart/form-data">    {{ lf.as_p }}    <input type="submit" value="OK"></form></body></html>

启动服务

127.0.0.1:8080/logre/login

点击OK：

完工

二：权限设计与应用

新建一个blog模块，定义models.py:

class Blog(models.Model):    blog_title = models.CharField(blank=False,verbose_name="标题",max_length=20,unique=True)    #blank = False 表示该项必选    blog_time = models.DateTimeField(verbose_name="发表时间")    blog_content = models.TextField(blank=False,verbose_name="内容")    blog_seenum = models.IntegerField(verbose_name="浏览量",default=0)    def __unicode__(self):        return self.blog_title    class Meta:        db_table = "blog"        permissions=(            ("can_view","can see blogs"),            ("can_add","can add blogs"),            ("can_edit","can edit blogs"),            ("can_delete","can delete blogs"),        )

在admin.py中进行注册：

class BlogAdmin(admin.ModelAdmin):    list_display = ('blog_title','blog_time','blog_seenum')    list_filter = ('blog_title','blog_time','blog_seenum')    search_fields = ('blog_title','blog_time','blog_seenum')    fields = ('blog_title','blog_time','blog_content','blog_seenum')    ordering = ('-blog_time',)

admin.site.register(Blog,BlogAdmin)

新建注册页面：regeister.html

<!DOCTYPE html><html lang="en"><head>    <meta charset="UTF-8">    <title>Title</title></head><body><form method="get" enctype="multipart/form-data">    {{ lf.as_p }}    <input type="submit" value="OK"></form></body></html>

在logre的views模块中添加regeister函数

def regeister(request):    if ('email' or 'pwd'or 'username') not in request.GET:        lf = LoginForm()        return render_to_response("regeister.html",{"lf":lf})    lf = LoginForm(request.GET)    name = lf.data["username"]    email = lf.data['email']    pwd = lf.data['pwd']    user = User()    user.username= name    user.email = email    user.pwd = pwd    user.save()    user.user_permissions = [Permission.objects.get(codename="can_view"),Permission.objects.get(codename='can_add')]    user.save()    return HttpResponseRedirect('/logre/login')

修改login函数为：

def login(request):    if ('email' or 'pwd'or 'username') not in request.GET:        lf = LoginForm()        return render_to_response("login.html",{"lf":lf})    lf = LoginForm(request.GET)    name = lf.data['username']    email = lf.data['email']    pwd = lf.data['pwd']    try:        user = User.objects.get(email=email,username=name)    except User.DoesNotExist:        pass    else:        if user.check_password(pwd):            if user.has_perm('blog.can_view'):                return HttpResponse("you can see blogs")            return HttpResponse("you can not  see blogs")

注册登录：

you can see blogs

0 0