用户激活,认证
-- 途径
-- 邮件
-- 短信
-- 人工审核
-- 邮件
-- 发送邮件
-- 收件人地址
-- 发件人的信息
-- 用户名
-- 密码
-- 服务器
-- 邮件服务器
-- 端口
-- 不加密默认25
-- 加密465,965
-- 内容
-- 点击邮件中的链接就可以激活
-- 链接中存在用户的唯一标识
-- http://xxxxx/activate/?u_token=YYYY
-- u_token 缓存中 作为key, value -> user_id
-- u_token - > uuid
-- 标识存在过期时间
-- 标识存在使用次数限制
url.py
from django.urls import path from App import views app_name = 'App' urlpatterns = [ path('home/', views.home, name='home'), path('market/', views.market, name='market'), path('marketwithparams/<int:typeid>/<int:childcid>/<order_rule>/', views.market_with_params, name='market_with_params'), path('cart/', views.cart, name='cart'), path('mine/', views.mine, name='mine'), path('register/', views.register, name="register"), path('login/', views.login, name="login"), path('checkuser/', views.check_user, name="check_user"), path('logout/', views.logout, name="logout"), path('activate/', views.activate, name="activate"), ]
views.py
def mine(request): user_id = request.session.get('user_id') data = { "title": "我的", "is_login": False } if user_id: user = AXFUser.objects.get(pk=user_id) data['is_login'] = True data['username'] = user.u_username data['icon'] = MEDIA_KEY_PREFIX + user.u_icon.url return render(request, 'main/mine.html', context=data) def register(request): if request.method == "GET": data = { "title": "Register", } return render(request, 'user/register.html', context=data) elif request.method == "POST": username = request.POST.get("username") email = request.POST.get("email") password = request.POST.get("password") icon = request.FILES.get("icon") # 密码摘要加密 # password = hash_str(password) # Django内置加密 password = make_password(password) user = AXFUser() user.u_username = username user.u_password = password user.u_email = email user.u_icon = icon user.save() # 使用uuid生成唯一标识字符串 u_token = uuid.uuid4().hex # 存入缓存中 cache.set(u_token, user.id, timeout=60*60*24) send_email_activate(username, email, u_token) return redirect(reverse("axf:login")) def login(request): if request.method == "GET": data = { "title": "登陆" } return render(request, 'user/login.html', context=data) elif request.method == "POST": username = request.POST.get("username") password = request.POST.get("password") # 校验密码 users = AXFUser.objects.filter(u_username=username) if users.exists(): user = users.first() # 用户密码,数据安全后的密码 if check_password(password, user.u_password): # 存储用户登录状态 request.session['user_id'] = user.id return redirect(reverse('axf:mine')) else: print("密码错误") return redirect(reverse('axf:login')) print("用户不存在") return redirect(reverse('axf:login')) def check_user(request): username = request.GET.get("username") users = AXFUser.objects.filter(u_username=username) data = { "status": HTTP_OK, "msg": 'user can use', } if users.exists(): data['status'] = HTTP_USER_EXIST data['msg'] = 'user already exist' else: pass return JsonResponse(data=data) def logout(request): request.session.flush() return redirect(reverse('axf:mine')) # 激活 def activate(request): u_token = request.GET.get('u_token') user_id = cache.get(u_token) if user_id: user = AXFUser.objects.get(pk=user_id) user.is_active =True user.save() return redirect(reverse('axf:login')) return render(request, 'user/activate_fail.html')
views_helper.py
import hashlib from django.core.mail import send_mail from django.template import loader from GPAXF.settings import EMAIL_HOST_USER, SERVER_HOST, SERVER_PORT # 密码摘要加密 def hash_str(source): return hashlib.new('sha512', source.encode('utf-8')).hexdigest() # 激活-发送激活邮件 def send_email_activate(username, receive, u_token): subject = '%s AXF Activate' % username from_email = EMAIL_HOST_USER recipient_list = [receive, ] data = { 'username': username, 'activate_url': 'http://{}:{}/axf/activate/?u_token={}'.format(SERVER_HOST, SERVER_PORT, u_token) } # 获取模板并渲染成页面 html_message = loader.get_template('user/activate.html').render(data) send_mail(subject=subject, message="", html_message=html_message, from_email=from_email, recipient_list=recipient_list)