一、基本数据
1、模型类
class Usermodel(models.Model):
id = models.AutoField(primary_key=True)
user = models.CharField(max_length=32,verbose_name='用户名')
password = models.CharField(max_length=512,verbose_name='密码')
2、视图函数
from django.contrib.auth.hashers import make_password, check_password
from django.http import JsonResponse
from django.views import View
2.1、注册视图
class ResgisterView(View):
def post(self,request):
username = request.POST.get('username')
password = request.POST.get('password')
user = models.Usermodel.objects.filter(user=username)
if user:
return JsonResponse({'code':404,'msg':'该用户已经存在了'})
else:
#使用django自带的加密模块,对密码进行加密处理
password = make_password(password=password,salt=username)
models.Usermodel.objects.create(user=username,password=password)
return JsonResponse({'code':200,'msg':'用户注册成功'})
2.2、登录视图
class LoginView(View):
def post(self,request):
user = request.POST.get('username')
password = request.POST.get('password')
user_obj = models.Usermodel.objects.filter(user=user).first()
if user_obj:
#检查用户的密码是否正确
is_true = check_password(password,user_obj.password)
if is_true:
response = JsonResponse({'code':200,'msg':'登录成功'})
#设置cookies
response.set_cookie('name',user)
#设置session
request.session['user']=user
return response
else:
return JsonResponse({'code':404,'msg':'密码错误'})
else:
return JsonResponse({'code':404,'msg':'用户不存在'})
2.3、家目录[需要登录才能进入]
class HomeView(View):
def get(self,request):
return JsonResponse({'code':200,'data':[1,2,3,4,5],'msg':'home界面'})
3、路由
from django.contrib import admin
from django.urls import path,include
from . import views
urlpatterns = [
path('login/',views.LoginView.as_view(),name='index-login'),
path('home/',views.HomeView.as_view(),name='index-home'),
path('register/',views.ResgisterView.as_view(),name='index-register'),
]
二、中间件认证类
1、认证类的书写
在根项目下,新建util包,创建authen.py文件,创建AuthenticationMiddle类
from django.utils.deprecation import MiddlewareMixin
from django.http import JsonResponse
class AuthenticationMiddle(MiddlewareMixin):
#认证中间件
def process_request(self,request):
#无需认证的白名单,后续之间添加进去就可以
pass_url = ['/index/login/','/index/register/']
request_path = request.path
if request_path in pass_url:
#白名单的路由无需进行认证步骤:如登录功能,或其他无需登录就可以访问的功能
return None
else:
user = request.session.get('user')
if user:
#用户登录过了,无需操作
return None
else:
return JsonResponse({'msg':'当前用户还没有登录'},status=403)
2、注册到settings.py 中
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'util.authen.AuthenticationMiddle',
]
三、使用的模块的说明
加密模块和解密模块
from django.contrib.auth.hashers import make_password, check_password
加密模块:
pwd = '123'
user = 'lhz'
password = make_password(password=pwd,salt=user)
#password 就是加密后的密码,盐是user,被加密的字符串是pwd
#使用加密的密码,给用户新建一条记录
model.UserModel.objects.create(user=user,password=password)
解密模块:
pwd = '123'
user = 'lhz'
user_obj = models.UserModel.objects.filter(username=user).first()
#第一个参数是未加密的字符串,第二个参数是加密后的字符串,判断第一个参数加密是否是第二个参数
is_true = check_password(pwd,user_obj.password)
if is_true:
#用户密码检查通过
else:
#用户密码错误
2、session和cookies模块使用
cookies:
from django.http import JsonResponse
def login(request):
#在登录成功后,在响应对象中,添加的cookies
#因为cookies数据是存到浏览器中的
repsonse = JsonResponse({'code':100})
response.set_cookies.set('user1','用户信息1')
response.set_cookies.set('user2','用户信息2')
return response
session:
from django.http import JsonResponse
def login(request):
#在登录成功后,在响应对象中,添加的cookies
#因为cookies数据是存到浏览器中的
repsonse = JsonResponse({'code':100})
response.set_cookies.set('user1','用户信息1')
response.set_cookies.set('user2','用户信息2')
#设置session,登录成功,设置session,用来记录用户登录状态,认证是认证session'数据的
request.session['is_login']=1
request.session['user']='当前的用户信息'
return response