1.cookie
def login(request): if request.method == "GET": return render(request,"login.html") else: user = request.POST.get("user") pwd = request.POST.get("pwd") user_obj = UserInfo.objects.filter(user=user,pwd=pwd).first() if user_obj: # 如果登录成功设置cookie obj = redirect("/index/") obj.set_cookie("username",user) obj.set_cookie("is_login",True,max_age=3600*24*7) return obj else: return HttpResponse("error") def index(request): print(request.COOKIES) is_login = request.COOKIES.get("is_login") if not is_login: return redirect("/login/") shangpin = "香蕉" shangpin_list = ["苹果", "荔枝", "榴莲"] name = request.COOKIES.get("username") return render(request,"index.html",{"shangpin":shangpin, "shangpin_list":shangpin_list, "name":name})
2.session
def login_session(request): if request.method == "GET": return render(request,"login.html") else: user = request.POST.get("user") pwd = request.POST.get("pwd") user_obj = UserInfo.objects.filter(user=user,pwd=pwd).first() if user_obj: #用户认证信息储存 request.session["suername"] = user request.session["sis_login"] = True ''' if request.COOKIE.get("sessionid"): random_str = request.COOKIE.get("sessionid") 在django-session表中过滤session-key=random-str的记录进行update else: 1.生成一个随机字符串 2.向django-session表中插入数据 3.响应set_cookie:{"sessionid": } ''' return redirect("/index_session/") else: return HttpResponse("error")
def index_session(request): ''' request.session 1.request.COOKIE.get("sessionid") 2.在django-session表中过滤session-key 3.取出过滤记录的session-data反序列化数据字典 {"susername":"egon","sis_login":True} ''' sis_login = request.session.get("sis_login") if not sis_login: return redirect("/login_session/") else: shangpin = "香蕉" shangpin_list = ["苹果", "荔枝", "榴莲"] name = request.session.get("susername") return render(request, "index.html", {"shangpin": shangpin, "shangpin_list": shangpin_list, "name": name})
def logout(request): ''' 1 request.COOKIE.get("sessionid") :23423hkjsf890234sd 2 在django-session表过滤session-key=23423hkjsf890234sd的记录删除 3 response.delete_cookie("sessionid") ''' request.session.flush() return redirect("/login_session/")
3.用户认证组件
前提:使用django自带的用户表 auth_user
插入记录命令:python manage.py createsuperuser
引入from django.contrib import auth
1.auth.authenticate(username=user,password=pwd) 查询语句
2.auth.login(request,user_obj) 保存用户状态信息
request.user:全局变量。模板,视图直接可以使用
3.auth.logout(request) 注销
4.User.objects.create_user(username=user,password=pwd) 注册 from django.contrib.auth.models import User
5.user = User.objects.get(username=request.user.username)
user.set_password(raw_password="555")
from django.shortcuts import render,redirect,HttpResponse # Create your views here. from django.contrib import auth def login(request): if request.method == "GET": return render(request,"login.html") else: user = request.POST.get("user") pwd = request.POST.get("pwd") # 数据库查询该用户是否存在 user_obj = auth.authenticate(username=user,password=pwd) if user_obj: # 保存用户状态信息 auth.login(request,user_obj) # request.session["user_id"]=user_obj.pk return redirect("/index/") else: return redirect("/login/") def index(request): ''' print(request.user) # 默认匿名用户对象 AnonymousUser print(request.user.id) # None print(request.user.username) # "" print(request.user.is_active) # False ''' if not request.user.is_authenticated: return redirect("/login/") name = request.user.username return render(request,"index.html",locals()) def logout(request): auth.logout(request) return redirect("/login/") from django.contrib.auth.models import User def reg(request): if request.method =="GET": return render(request,"reg.html") else: user = request.POST.get("user") pwd = request.POST.get("pwd") User.objects.create_user(username=user,password=pwd) return redirect("/login/") def set_password(request): user = User.objects.get(username=request.user.username) user.set_password(raw_password="666") user.save() return redirect("/login/")
user.save()