zoukankan      html  css  js  c++  java
  • django 之 用户忘记密码的解决办法

    编程思路:

    1.发送修改密码的链接到用户邮箱

    2.链接指向密码修改model

    3.通过sesson 取得用户对应数据库记录

    4.调用修改密码界面,修改密码及保存

    5.修改urls.py

    附:相关代码

    在 view.py 

    对应思路编号 1

    class ContactForm(forms.Form):            #修改密码
        username = forms.CharField(label='用户名',max_length=100)
        email = forms.EmailField(label='邮箱',max_length=50)
        
        class Meta:
            model = Person
            fields = ('username','email')
    
    
    def contacts(request):
        if request.method == 'POST':
            form = ContactForm(request.POST)
            if form.is_valid():
                username = form.cleaned_data['username']
                email = form.cleaned_data['email'] 
                user_list_mod = Person.objects.filter(email__exact = email , username__exact = username)
                if user_list_mod:
                    user1 = Person.objects.get(email__exact = email)
                    code =  user1.mailkey
                    send_check_email(email, code)  
                else:
                     return render(request,'register/error.html')
                return render(request,'register/rg_success.html')
        else:
            form = ContactForm()
        return render(request,'contacts.html', {'form':form})

    对应思路编号 2

    class ModifyUserView(View):
        def get(self, request, modify_code):
        # 用code在数据库中过滤处信息
            code_ck = modify_code
    
            code_records_ck = Person.objects.filter(mailkey=modify_code)
            if code_records_ck:
              # 通过邮箱查找到对应的用户
                user = Person.objects.get(mailkey=modify_code)
                    # 激活用户
                    #user.is_active = True
    #把获取表单的用户名传递给session对象  
                request.session['code_ck'] = code_ck  
                #return render(request, "register/modifypwd.html",{"msg":"用户激活成功"})
    
               # content = {'user':user}
                   # user.save()
            else:
                return render(request, "register/active_fail.html")
            
            #return render(request,'contacts_ck.html')
            return HttpResponseRedirect('/run_mod_pwd') 

    对应思路编号 3

     见以上代码:request.session['code_ck'] = code_ck  


    对应思路编号 4
    def run_mod_pwd(request):          #开始修改密码
        if request.method == "POST":
            form = ContactFormCk(request.POST)
           
    
            if form.is_valid():
                password = form.cleaned_data['password'] 
                password2 = form.cleaned_data['password2'] 
                if password == password2:
                    user = Person()
    
                    mailkey = request.session.get('code_ck','')   #取得sesson中的邮箱注册码
                    user = Person.objects.get(mailkey__exact = mailkey)
                    user.password = make_password(password)  # 明文密码经过加密处理
                    user.is_active = True
                    user.save()
                    return render(request,'register/rg_success.html')
                else:
                    form = ContactFormCk()  #表单类实例化
        else: #Get 请求
            form = ContactFormCk()  #表单类实例化
       #return render_to_response('register.html',{'form':form})
        return render(request,'contacts_ck.html',{'form':form})
    
    

    对应思路编号 5

    urlpatterns = [
        url(r'^django-admin/', include(admin.site.urls)),
    
        url(r'^admin/', include(wagtailadmin_urls)),
        url(r'^documents/', include(wagtaildocs_urls)),
    
        url(r'^search/$', search_views.search, name='search'),
    
    
        url(r'^contacts/$', rg_views.contacts, name='contacts'),
    
     
        url(r'^run_mod_pwd/$', rg_views.run_mod_pwd, name='run_mod_pwd'),
    
    
    
        url(r'^active/(?P<active_code>.*)/$', ActiveUserView.as_view(), name="user_active"), 
    #修改密码
        url(r'^modify/(?P<modify_code>.*)/$', ModifyUserView.as_view(), name="user_modify"), 
         # 提取出active后的所有字符赋给active_code
    
      #url(r'^login/$', include('login.urls')),
        url(r'', include(wagtail_urls)),
        

    有待思考:

      1.取得用户当前记录,目前是采用核对数据库用户邮件中的随机码与邮件传递的随机码;是否合理?

      2.数据传递过程中,是否存在安全性不足?

     
  • 相关阅读:
    PhpStorm 配置IDE
    PhpStorm 配置数据库
    将EXCEL表中的数据轻松导入Mysql数据表
    JavaScript Map数据结构
    JavaScript RegExp 对象
    JavaScriptDate(日期)
    JavaScript 对象
    JavaScript 闭包
    JavaScript 函数调用
    JavaScript 函数参数
  • 原文地址:https://www.cnblogs.com/wag-tail-118/p/8451934.html
Copyright © 2011-2022 走看看