我正在尝试构建一个基本的django Web应用程序。我现在使用身份验证和身份验证模型,我的代码只需要用户名和密码。如何通过添加密码验证步骤或用户ID检查服务来使其更好?
def authenticate(request):
user = auth.authenticate(username=request.POST['username'], password=request.POST['password'])
if user == None:
return HttpResponse('username or password error')
auth.login(request, user)
#I requested "request"!!!!
return HttpResponseRedirect(request.POST.get('next', '/') or '/')
def signup(request):
return render_to_response('signup_account.html', locals(), RequestContext(request))
def create(request):
#user = User.objects.create_user(username=request.POST['username'], first_name=request.POST['userfirstname'], last_name=request.POST['userlastname'],
# email=request.POST['email'],
# password=request.POST['password'])
user = User.objects.create_user(username=request.POST['username'],
password=request.POST['password'])
print 'create', user
user = auth.authenticate(username=request.POST['username'], password=request.POST['password'])
print 'authenticated', user
auth.login(request, user)
#Here what I want to do is to allow users to screen their wrong id.
#+ Password check.
subject = 'Thank you'
message = 'Welcome home /n I am so happy'
from_email = settings.EMAIL_HOST_USER
to_list = [user.email,settings.EMAIL_HOST_USER ]
send_mail(subject, 'Wow, this email sending altorithm is working.\n What a marvelous function is.', settings.EMAIL_HOST_USER,
to_list, fail_silently=False)
return HttpResponseRedirect(request.POST.get('next', '/') or '/')
以下是登录html代码。
<html>
<head>
<link rel="stylesheet" type="text/css" href="/static/css/bootstrap.css">
</head>
<body>
<h1>Sign Up</h1>
<div class="container">
<form class="form" action="/accounts/create" method="post">
<input type="hidden" name="csrfmiddlewaretoken" value="{{csrf_token}}">
<input type="hidden" name="next" value="{{ request.GET.next }}">
<div class="form-group">
<label>User ID</label>
<input class="form-control" type="text" name="username">
</div>
<div class="form-group">
<label>First Name</label>
<input class="form-control" type="text" name="userfirstname">
</div>
<div class="form-group">
<label>Last Name</label>
<input class="form-control" type="text" name="userlastname">
</div>
<div class="form-group">
<label>Email</label>
<input class="form-control" type="email" name="email">
</div>
<div class="form-group">
<label>Password</label>
<input class="form-control" type="password" name="password">
</div>
<input type="submit" class="btn btn-primary" value="Sign Up">
</form>
</div>
</body>
</html>
我是一个非常初学者,我甚至被迫认为通过直接在html文件中插入代码可以实现这一点。我期待听到任何反馈!谢谢。
答案 0 :(得分:4)
你有用户名和密码......所以把它传递给试试......
username = request.POST['username']
password = request.POST['password']
try:
user = User.objects.get(username=username)
if user.check_password(password):
username = user.username
user = authenticate(username=username, password=password)
login(request, user)
messages.success(request, "Welcome")
return HttpResponseRedirect(#your url
else:
messages.error(request, "Password not match")
return HttpResponseRedirect(#your url
except User.DoesNotExist:
pass