Question

尝试为django应用程序创建密码验证，但是一个问题是持久存在于forms.py中的clean_password函数中，当我在测试时（使用模板中的UI表单）和完整匹配的密码，我仍然会提高错误消息“密码不匹配”。对我做错了什么的任何线索？

forms.py：

#coding=utf-8
from django import forms
from django.contrib.auth.models import User
from django.utils.translation import ugettext_lazy as _
from django.forms import extras
import time
from models import ProfileUser

now=time.localtime()

###### Login for users ###########
class LoginForm(forms.Form):
    username=forms.CharField(label=_(u"username"),max_length=30,widget=forms.TextInput(attrs={'size': 20,}))
    password=forms.CharField(label=_(u"password"),max_length=30,widget=forms.PasswordInput(attrs={'size': 20,}))

    class Meta:
        """docstring for Meta"""
        model = User
class RegisterForm(forms.ModelForm):
    email=forms.EmailField(max_length=30, widget=forms.TextInput(attrs={'placeholder': 'Email', 'required':True}))
    username=forms.CharField(max_length=30, widget=forms.TextInput(attrs={'placeholder': 'Username','required':True}))
    password=forms.CharField(max_length=30, widget=forms.PasswordInput(attrs={'placeholder': 'Password','required':True}))
    password2=forms.CharField(max_length=30, widget=forms.PasswordInput(attrs={'placeholder': 'Re-Enter Password','required':True}))




    class Meta:
        """ To Specify the fields within User model from django, and to prevent abstraction"""
        model = User
        fields = ('email', 'username', 'password', 'password2')


    def clean_username(self):
        users = User.objects.filter(username__iexact=self.cleaned_data["username"])
        if not users:
            return self.cleaned_data["username"]
        raise forms.ValidationError("This username already exist")

    def clean_email(self):
        emails = User.objects.filter(email__iexact=self.cleaned_data["email"])
        if not emails:
            return self.cleaned_data["email"]
        raise forms.ValidationError("Email is already registered")

    def clean_password(self):
        password = self.cleaned_data.get("password")
        password2 = self.cleaned_data.get("password2")

        cleaned_data = (password, password2)

        if password != password2:
            raise forms.ValidationError("The password does not match ")

        return cleaned_data

views.py：

#coding=utf-8
from django.shortcuts import render
from django.core.urlresolvers import reverse
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import render_to_response
from django.template import RequestContext
from django.contrib import messages
from django.contrib.auth.models import User
from django.contrib.auth import authenticate, login as auth_login ,logout as auth_logout
from django.utils.translation import ugettext_lazy as _
from forms import LoginForm, RegisterForm
from models import ProfileUser


###### Login for users ###########
def login(request):
    template_var={}
    form = LoginForm()
    if request.method == 'POST':
        form = LoginForm(request.POST.copy())
        if form.is_valid():
            _login(request,form.cleaned_data["username"],form.cleaned_data["password"])
            return HttpResponseRedirect(reverse("login"))
    template_var["form"]=form
    return render_to_response("registration/login.html",template_var,context_instance=RequestContext(request))


def _login(request,username,password):
    ret = False
    user = authenticate(username=username,password=password)
    if user:
        if user.is_active:
            auth_login(request,user)
            ret=True
        else:
            messages.add_message(request, messages.INFO, _(u'user is not active'))
    else:
        messages.add_message(request, messages.INFO, _(u'Incorrect username or password'))
    return ret


###### Registration for users ###########
def register(request):
    template_var={}
    form = RegisterForm()
    if request.method=="POST":
        form=RegisterForm(request.POST.copy())
        if form.is_valid():
            username=form.cleaned_data["username"]
            email=form.cleaned_data["email"]
            password=form.cleaned_data["password"]
            user=User.objects.create_user(username,email,password)
            user.save()
            _login(request,username,password)
            return HttpResponseRedirect("base")
    template_var["form"]=form
    return render_to_response("registration/signup.html",template_var,context_instance=RequestContext(request))

模板：

{% extends 'home/base.html' %}
{% block title %}Signup with Indieitude{% endblock title %}

{% block search %}
{% endblock search %}


{% block space %}
<div  class="space-registration"></div>
{% endblock space %}

{% block signup %}  
<div id="content"> 
    <div class="block">
        <div class="box-login">
            <div class="head">
                 <h2 class="heading-title">Start Discovering</h2>

                <p align="center"><em>Log in with your Facebook</em>
                </p>
            </div>
            <div class="socialconnect"> <a href="#" class="facebook">Log in with Facebook</a>

            </div>
            <p align="center"><em>Or signup with your email & name</em>
            </p>
            <div class="box-form">
                <form action="" method="post">{% csrf_token %}


                    <p>
                        {{form.email}}
                    </p>
                    <p>
                        {{form.username}}
                    </p>
                    <p>
                        {{form.password}}
                    </p>
                    <p>
                        {{form.password2}}
                    </p>
                    <div class="alerts errorlist">
                        <span>{{form.username.errors}}</span>
                        <span>{{form.email.errors}}</span>  
                        <span>{{form.password.errors}}</span>   
                    </div>
                    <p class="agree">By signing up, I agree to Indieitude's <a href="#">Terms of Service</a> & <a href="#">Privacy Policy</a>
                    </p>
                    <p>
                        <input type="submit" name="submit" value="register" class="button large bold">
                    </p>
                </form>
            </div>
            <div class="footer">
                 <h2 class="heading-title" align="center">Already have an account? <a href="{% url "profiles.views.login" %}">Login</a></h2>
            </div>
        </div>
    </div>
</div>
{% endblock signup %}

Answer 1

在验证彼此依赖的字段时，应使用 clean 方法。这样就可以填充cleaning_data字典，并且您可以自由执行任何其他检查。

https://docs.djangoproject.com/en/dev/ref/forms/validation/#cleaning-and-validating-fields-that-depend-on-each-other

def clean_username(self):
    # ...

def clean_email(self):
    # ...

def clean(self):
    cleaned_data = super(RegisterForm, self).clean()
    password = cleaned_data.get("password")
    password2 = cleaned_data.get("password2")

    if password != password2:
        raise forms.ValidationError("The password does not match")

Answer 2

所以我在前一段时间使用过帖子：Why is checking if two passwords match in Django so complicated?

基本上，我需要为password2写一个额外的检查，而不是覆盖django的clean方法，但是扩展我的password2功能，只是在我的函数定义中返回passowrd2，并在我的模板中更新错误消息：{{ form.password2.errors}}

django 1.6中的密码验证错误

2 个答案: