Django中Auth认证系统实现注册与登录()

Django中Auth认证系统实现注册与登录

(1)创建项目应用user,并将项目应用user,模版文件夹templates和静态资源文件夹static添加到Django的运行环境,如下:

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'user'
]

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [BASE_DIR / 'templates'],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

STATIC_URL = '/static/'
STATICFILES_DIRS = [BASE_DIR / 'static']

(2)执行数据迁移

(3) 在项目应用user中创建urls.py,并分别在项目文件夹的urls.py和user的urls.py定义用户注册,登录,修改密码,注销的路由信息,代码如下:

# 项目默认应用的urls.py
from django.urls import path, include
# from django.contrib import admin
urlpatterns = [
    # path('', admin.site.urls),
    path('', include(('user.urls', 'user'), namespace='user')),
]


# user的urls.py
from django.urls import path
from .views import *
urlpatterns = [
	path('login.html', loginView, name='login'),
	path('register.html', registerView, name='register'),
	path('setps.html', setpsView, name='setps'),
	path('logout.html', logoutView, name='logout'),
]

(4)创建user.html模板,代码如下:

<!DOCTYPE html>
<html>
<head>
    {% load static %}
	<title>{{ title }}</title>
	<link rel="stylesheet" href="{% static "css/reset.css" %}" />
	<link rel="stylesheet" href="{% static "css/user.css" %}" />
    <script src="{% static "js/jquery.min.js" %}"></script>
    <script src="{% static "js/user.js" %}"></script>
</head>
<body>
<div class="page">
	<div class="loginwarrp">
		<div class="logo">{{ pageTitle }}</div>
        <div class="login_form">
			<form id="Login" name="Login" method="post" action="">
                {% csrf_token %}
				<li class="login-item">
					<span>用户名:</span>
					<input type="text" name="username" class="login_input">
                    <span id="count-msg" class="error"></span>
				</li>
				<li class="login-item">
					<span>密 码:</span>
					<input type="password" name="password" class="login_input">
                    <span id="password-msg" class="error"></span>
				</li>
                {% if password2 %}
                    <li class="login-item">
                        <span>新密码:</span>
                        <input type="password" name="password2" class="login_input">
                        <span id="password-msg" class="error"></span>
				    </li>
                {% endif %}
                <div>{{ tips }}</div>
				<li class="login-sub">
					<input type="submit" name="Submit" value="确定">
				</li>				
           </form>
		</div>
	</div>
</div>
<script type="text/javascript">
	window.onload = function() {
		var config = {
			vx : 4,
			vy : 4,
			height : 2,
			width : 2,
			count : 100,
			color : "121, 162, 185",
			stroke : "100, 200, 180",
			dist : 6000,
			e_dist : 20000,
			max_conn : 10
		};
		CanvasParticle(config);
	}
</script>
<script src="{% static "js/canvas-particle.js" %}"></script>
</body>
</html>

注意:模板文件仅为示例,可以更换

(5)在user的views.py中定义视图函数

from django.shortcuts import render
from django.http import HttpResponse
from django.contrib.auth.models import User
from django.contrib.auth import login, logout, authenticate

# 用户注册
def registerView(request):
    # 设置模版上下文
    title = '注册'
    pageTitle = '用户注册'
    if request.method == 'POST':
        u = request.POST.get('username', '')
        p = request.POST.get('password', '')
        if User.objects.filter(username=u):
            tips = '用户已存在'
        else:
            d = dict(username=u, password=p, is_staff=1, is_superuser=1)
            user = User.objects.create_user(**d)
            user.save()
            tips = '注册成功,请登录'
    return render(request, 'user.html', locals())

# 用户登录
def loginView(request):
    # 设置模版上下文
    title = '登录'
    pageTitle = '用户登录'
    if request.method == 'POST':
        u = request.POST.get('username', '')
        p = request.POST.get('password', '')
        if User.objects.filter(username=u):
            user = authenticate(username=u, password=p)
            if user:
                if user.is_active:
                    login(request, user)
                return HttpResponse('登录成功')
            else:
                tips = '账号密码错误,请重新输入'
        else:
            tips = '用户不存在,请注册'
    return render(request, 'user.html', locals())

# 修改密码
def setpsView(request):
    # 设置模版上下文
    title = '修改密码'
    pageTitle = '修改密码'
    password2 = True
    if request.method == 'POST':
        u = request.POST.get('username', '')
        p = request.POST.get('password', '')
        p2 = request.POST.get('password2', '')
        if User.objects.filter(username=u):
            user = authenticate(username=u, password=p)
            # 判断用户的账号密码是否正确
            if user:
                user.set_password(p2)
                user.save()
                tips = '密码修改成功'
            else:
                tips = '原始密码不正确'
        else:
            tips = '用户不存在'
    return render(request, 'user.html', locals())

# 用户注销,退出登录
def logoutView(request):
    logout(request)
    return HttpResponse('注销成功')

补充:密码修改主要由函数set_password实现,而函数set_passwor是在内置函数make_password的基础上进行封装而来的,Django默认使用pbkdf2_sha256方式存储和管理用户密码,而内置函数make_password用于实现用户密码的加密处理,并且该函数可以脱离Auth认证系统单独使用,比如对某些特殊数据进行加密处理等,在user的views.py中定义视图函数stepsView2,它使用make_password实现密码修改,代码如下:

from django.contrib.auth.hashers import make_password
def setpsView2(request):
    # 设置模版上下文
    title = '修改密码'
    pageTitle = '修改密码'
    password2 = True
    if request.method == 'POST':
        u = request.POST.get('username', '')
        p = request.POST.get('password', '')
        p2 = request.POST.get('password2', '')
        # 判断用户是否存在
        user = User.objects.filter(username=u)
        if User.objects.filter(username=u):
            user = authenticate(username=u,password=p)
            # 判断用户的账号密码是否正确
            if user:
                # 密码加密处理并保存到数据库
                dj_ps = make_password(p2, None, 'pbkdf2_sha256')
                user.password = dj_ps
                user.save()
            else:
                print('原始密码不正确')
    return render(request, 'user.html', locals())

另外还有一个check_password函数,导入方式与make_password一样,check_password用于判断加密前与加密后的密码是否是同一个密码,返回值是布尔类型。

————————

Django中Auth认证系统实现注册与登录

(1)创建项目应用user,并将项目应用user,模版文件夹templates和静态资源文件夹static添加到Django的运行环境,如下:

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'user'
]

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [BASE_DIR / 'templates'],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

STATIC_URL = '/static/'
STATICFILES_DIRS = [BASE_DIR / 'static']

(2)执行数据迁移

(3) 在项目应用user中创建urls.py,并分别在项目文件夹的urls.py和user的urls.py定义用户注册,登录,修改密码,注销的路由信息,代码如下:

# 项目默认应用的urls.py
from django.urls import path, include
# from django.contrib import admin
urlpatterns = [
    # path('', admin.site.urls),
    path('', include(('user.urls', 'user'), namespace='user')),
]


# user的urls.py
from django.urls import path
from .views import *
urlpatterns = [
	path('login.html', loginView, name='login'),
	path('register.html', registerView, name='register'),
	path('setps.html', setpsView, name='setps'),
	path('logout.html', logoutView, name='logout'),
]

(4)创建user.html模板,代码如下:

<!DOCTYPE html>
<html>
<head>
    {% load static %}
	<title>{{ title }}</title>
	<link rel="stylesheet" href="{% static "css/reset.css" %}" />
	<link rel="stylesheet" href="{% static "css/user.css" %}" />
    <script src="{% static "js/jquery.min.js" %}"></script>
    <script src="{% static "js/user.js" %}"></script>
</head>
<body>
<div class="page">
	<div class="loginwarrp">
		<div class="logo">{{ pageTitle }}</div>
        <div class="login_form">
			<form id="Login" name="Login" method="post" action="">
                {% csrf_token %}
				<li class="login-item">
					<span>用户名:</span>
					<input type="text" name="username" class="login_input">
                    <span id="count-msg" class="error"></span>
				</li>
				<li class="login-item">
					<span>密 码:</span>
					<input type="password" name="password" class="login_input">
                    <span id="password-msg" class="error"></span>
				</li>
                {% if password2 %}
                    <li class="login-item">
                        <span>新密码:</span>
                        <input type="password" name="password2" class="login_input">
                        <span id="password-msg" class="error"></span>
				    </li>
                {% endif %}
                <div>{{ tips }}</div>
				<li class="login-sub">
					<input type="submit" name="Submit" value="确定">
				</li>				
           </form>
		</div>
	</div>
</div>
<script type="text/javascript">
	window.onload = function() {
		var config = {
			vx : 4,
			vy : 4,
			height : 2,
			width : 2,
			count : 100,
			color : "121, 162, 185",
			stroke : "100, 200, 180",
			dist : 6000,
			e_dist : 20000,
			max_conn : 10
		};
		CanvasParticle(config);
	}
</script>
<script src="{% static "js/canvas-particle.js" %}"></script>
</body>
</html>

注意:模板文件仅为示例,可以更换

(5)在user的views.py中定义视图函数

from django.shortcuts import render
from django.http import HttpResponse
from django.contrib.auth.models import User
from django.contrib.auth import login, logout, authenticate

# 用户注册
def registerView(request):
    # 设置模版上下文
    title = '注册'
    pageTitle = '用户注册'
    if request.method == 'POST':
        u = request.POST.get('username', '')
        p = request.POST.get('password', '')
        if User.objects.filter(username=u):
            tips = '用户已存在'
        else:
            d = dict(username=u, password=p, is_staff=1, is_superuser=1)
            user = User.objects.create_user(**d)
            user.save()
            tips = '注册成功,请登录'
    return render(request, 'user.html', locals())

# 用户登录
def loginView(request):
    # 设置模版上下文
    title = '登录'
    pageTitle = '用户登录'
    if request.method == 'POST':
        u = request.POST.get('username', '')
        p = request.POST.get('password', '')
        if User.objects.filter(username=u):
            user = authenticate(username=u, password=p)
            if user:
                if user.is_active:
                    login(request, user)
                return HttpResponse('登录成功')
            else:
                tips = '账号密码错误,请重新输入'
        else:
            tips = '用户不存在,请注册'
    return render(request, 'user.html', locals())

# 修改密码
def setpsView(request):
    # 设置模版上下文
    title = '修改密码'
    pageTitle = '修改密码'
    password2 = True
    if request.method == 'POST':
        u = request.POST.get('username', '')
        p = request.POST.get('password', '')
        p2 = request.POST.get('password2', '')
        if User.objects.filter(username=u):
            user = authenticate(username=u, password=p)
            # 判断用户的账号密码是否正确
            if user:
                user.set_password(p2)
                user.save()
                tips = '密码修改成功'
            else:
                tips = '原始密码不正确'
        else:
            tips = '用户不存在'
    return render(request, 'user.html', locals())

# 用户注销,退出登录
def logoutView(request):
    logout(request)
    return HttpResponse('注销成功')

补充:密码修改主要由函数set_password实现,而函数set_passwor是在内置函数make_password的基础上进行封装而来的,Django默认使用pbkdf2_sha256方式存储和管理用户密码,而内置函数make_password用于实现用户密码的加密处理,并且该函数可以脱离Auth认证系统单独使用,比如对某些特殊数据进行加密处理等,在user的views.py中定义视图函数stepsView2,它使用make_password实现密码修改,代码如下:

from django.contrib.auth.hashers import make_password
def setpsView2(request):
    # 设置模版上下文
    title = '修改密码'
    pageTitle = '修改密码'
    password2 = True
    if request.method == 'POST':
        u = request.POST.get('username', '')
        p = request.POST.get('password', '')
        p2 = request.POST.get('password2', '')
        # 判断用户是否存在
        user = User.objects.filter(username=u)
        if User.objects.filter(username=u):
            user = authenticate(username=u,password=p)
            # 判断用户的账号密码是否正确
            if user:
                # 密码加密处理并保存到数据库
                dj_ps = make_password(p2, None, 'pbkdf2_sha256')
                user.password = dj_ps
                user.save()
            else:
                print('原始密码不正确')
    return render(request, 'user.html', locals())

另外还有一个check_password函数,导入方式与make_password一样,check_password用于判断加密前与加密后的密码是否是同一个密码,返回值是布尔类型。