我是否可以使用Django用户模型提供的相同身份验证系统为继承Abstract Base User模型的模型,如果没有,那么我们还能做些什么呢?另外,如何配置ModelAdmin以提供对这些模型的管理员访问权限?
答案 0 :(得分:2)
您更喜欢使用Django的内置身份验证系统,这可能是一个指示,根据Abstract Base User模型替换自定义User类是不必要的。您可能需要考虑使用一对一关系(how-to from the docs)扩展User类。这将允许您保留Django的所有默认行为,以及添加您希望用户拥有的任何其他字段,方法等。我们发现这对于我们的大多数情况都是足够的,而且比创建一个全新的Use类要麻烦得多。
无论如何,您可以通过继承BaseUserManager并创建新经理来创建自定义身份验证,然后将自定义用户的objects字段分配给此新经理。或者,您可以将自定义用户的objects字段分配给Django的经理。如果您需要某种自定义身份验证,则应该只创建自己的管理器(例如,使用电子邮件而不是用户名登录)。以下是有关如何执行该操作的文档的link。
要使用Django的admin注册自定义用户模型,您需要在特定应用的admin.py文件中执行一些操作。首先,创建用于创建和编辑用户的自定义表单,然后在自定义用户管理类中继承UserAdmin,并引用先前创建的表单。最后,使用admin.site.register()注册新的用户管理员。以下是admin.py文件的完整示例:
from django import forms
from django.contrib import admin
from django.contrib.auth.models import Group
from django.contrib.auth.admin import UserAdmin
from django.contrib.auth.forms import ReadOnlyPasswordHashField
from customauth.models import MyUser
class UserCreationForm(forms.ModelForm):
"""A form for creating new users. Includes all the required
fields, plus a repeated password."""
password1 = forms.CharField(label='Password', widget=forms.PasswordInput)
password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput)
class Meta:
model = MyUser
fields = ('email', 'date_of_birth')
def clean_password2(self):
# Check that the two password entries match
password1 = self.cleaned_data.get("password1")
password2 = self.cleaned_data.get("password2")
if password1 and password2 and password1 != password2:
raise forms.ValidationError("Passwords don't match")
return password2
def save(self, commit=True):
# Save the provided password in hashed format
user = super(UserCreationForm, self).save(commit=False)
user.set_password(self.cleaned_data["password1"])
if commit:
user.save()
return user
class UserChangeForm(forms.ModelForm):
"""
A form for updating users. Includes all the fields on
the user, but replaces the password field with admin's
password hash display field.
"""
password = ReadOnlyPasswordHashField()
class Meta:
model = MyUser
fields = ['email', 'password', 'date_of_birth', 'is_active', 'is_admin']
def clean_password(self):
# Regardless of what the user provides, return the initial value.
# This is done here, rather than on the field, because the
# field does not have access to the initial value
return self.initial["password"]
class MyUserAdmin(UserAdmin):
# The forms to add and change user instances
form = UserChangeForm
add_form = UserCreationForm
# The fields to be used in displaying the User model.
# These override the definitions on the base UserAdmin
# that reference specific fields on auth.User.
list_display = ('email', 'date_of_birth', 'is_admin')
list_filter = ('is_admin',)
fieldsets = (
(None, {'fields': ('email', 'password')}),
('Personal info', {'fields': ('date_of_birth',)}),
('Permissions', {'fields': ('is_admin',)}),
)
# add_fieldsets is not a standard ModelAdmin attribute. UserAdmin
# overrides get_fieldsets to use this attribute when creating a user.
add_fieldsets = (
(None, {
'classes': ('wide',),
'fields': ('email', 'date_of_birth', 'password1', 'password2')}
),
)
search_fields = ('email',)
ordering = ('email',)
filter_horizontal = ()
# Now register the new UserAdmin...
admin.site.register(MyUser, MyUserAdmin)
# ... and, since we're not using Django's built-in permissions,
# unregister the Group model from admin.
admin.site.unregister(Group)
使用admin.py文件完成后,使用AUTH_USER_MODEL文件中的settings.py变量将自定义模型指定为默认用户模型。
AUTH_USER_MODEL = 'customauth.MyUser'