一、使用Django自带的decorator
通常情况,使用 函数定义的view,可以直接使用 login_required 直接装饰
@login_required def index(request): if request.method == "GET": return render(request, "index.htm") def user_login(request): if request.method == "GET": return render(request, "login.html") if request.method == "POST": username = request.POST.get("username", "") password = request.POST.get("password", "") user_obj = authenticate(username=username, password=password) if user_obj: login(request, user_obj) return redirect(request.GET.get("nex", "/")) else: return render(request, "login.html") def user_logout(request): logout(request) return render(request, "login.html")
这里需要注意的是: login_required默认会重定向到 /account/login url, 因此我们可以在Settings.py中修改这个默认的重定向url;
LOGIN_URL = "/login.html"
但是如果使用类定义的view,是不能够直接使用 login_required进行装饰的
需要重新定义一个 LoginRequired类,让视图类去继承:
from django.contrib.auth.decorators import login_required from django.utils.decorators import method_decorator class LoginRequiredMixin(object): @method_decorator(login_required(login_url="/login/")) def dispatch(self, request, *args, **kwargs): return super(LoginRequiredMixin, self).dispatch(request, *args, **kwargs)
class xxxView(LoginRequired, View)
pass
二、自己写一个认证decorator
函数装饰器
# 认证装饰器 class AuthDecorator(object): @method_decorator(login_required(login_url="/login/")) def dispatch(self, request, *args, **kwargs): return super(AuthDecorator, self).dispatch(request, *args, **kwargs) def has_auth(func): def auth(request, *args, **kwargs): if not request.session.get("username"): return redirect(reverse("login")) return func(request, *args, **kwargs) return auth @has_auth def index(request): user = request.session.get("username") business_obj = Business.objects.all() user_obj = User.objects.all() hosts = Host.objects.filter(user__username=user) return render(request, "index.html", { "hosts": hosts, "business_obj": business_obj, "user_obj": user_obj })
类装饰器
# 认证装饰器 class Auth(View): def dispatch(self, request, *args, **kwargs): user_obj = UserInfo.objects.filter(username=request.session.get("username")).first() if not user_obj: return redirect(reverse("login")) return super(Auth, self).dispatch(request, *args, **kwargs) # 主页视图 class IndexView(Auth): def get(self, request): user = request.session.get("username") business_obj = Business.objects.all() user_obj = UserInfo.objects.all() hosts = Host.objects.filter(user__username=user) return render(request, "index.html", { "hosts": hosts, "business_obj": business_obj, "user_obj": user_obj })