YouTip LogoYouTip

Django Auth

Django User Authentication (Auth) component is generally used for user login and registration, to determine whether the current user is legitimate, and jump to the login success or failure page. Django User Authentication (Auth) component needs to import auth module: # Authentication module from django.contrib import auth # Corresponding database from django.contrib.auth.models import User The return value is a user object. Three ways to create a user object: * **create()**: Creates a regular user, password is in plain text. * **create_user()**: Creates a regular user, password is encrypted. * **create_superuser()**: Creates a superuser, password is encrypted, need to pass an additional email parameter. **Parameters:** * username: Username. * password: Password. * email: Email (create_superuser method needs an additional email parameter). from django.contrib.auth.models import User User.objects.create(username='runboo',password='123') !(#) from django.contrib.auth.models import User User.objects.create_user(username='runbooo',password='123') !(#) from django.contrib.auth.models import User User.objects.create_superuser(username='runboooo',password='123',email='runboo@163.com') !(#) To verify user's username and password, use the authenticate() method, which filters out user objects from the auth_user table. Need to import before use: from django.contrib import auth Parameters: * username: Username * password: Password **Return value:** If verification succeeds, returns the user object; otherwise, returns None. ## Example def login(request): if request.method=="GET": return render(request,"login.html") username = request.POST.get("username") password = request.POST.get("pwd") valid_num = request.POST.get("valid_num") keep_str = request.session.get("keep_str") if keep_str.upper()== valid_num.upper(): user_obj = auth.authenticate(username=username, password=password) print(user_obj.username) !(#) Add session for successfully verified user, assign request.user to the user object. Use login() method for login. Need to import before use: from django.contrib import auth Parameters: * request: User object Return value: None ## Example def login(request): if request.method=="GET": return render(request,"login.html") username = request.POST.get("username") password = request.POST.get("pwd") valid_num = request.POST.get("valid_num") keep_str = request.session.get("keep_str") if keep_str.upper()== valid_num.upper(): user_obj = auth.authenticate(username=username, password=password) print(user_obj.username) if not user_obj: return redirect("/login/") else: auth.login(request, user_obj) path = request.GET.get("next")or"/index/" print(path) return redirect(path) else: return redirect("/login/") !(#) To logout user, use logout() method, need to clear session information, and assign request.user to anonymous user. Need to import before use: from django.contrib import auth Parameters: * request: User object Return value: None ## Example def logout(request): ppp = auth.logout(request) print(ppp)# None return redirect("/login/") Set decorator, add unified decorator to pages that need to be accessed after successful login. Need to import before use: from django.contrib.auth.decorators import login_required ## Example from django.contrib.auth.decorators import login_required @login_required def index(request): return HttpResponse("indexPage...") Set which page to return to after successful login, based on which page was accessed. **Explanation:** When django accesses a page, if the user is not logged in, it returns the login page to the user. At this time, the login page URL has a parameter: next=the URL of the page the user was trying to access. Therefore, set the URL to redirect to after successful login as the value of the next parameter. However, if the user directly enters the login page, request.GET.get("next") cannot get the value, so adding or at the end allows setting a custom return page. ## Example # If directly input login, get() cannot get the value, path can be customized to set the return page path = request.GET.get("next")or"/index/" return redirect(path) !(#)
← Django MiddlewareDjango Orm 3 β†’