我正在为我的应用程序使用Django auth系统。我使用CustomUser功能创建了一个AbstractUser表来添加更多字段。
// models.py
from django.contrib.auth.models import AbstractUser
from django.contrib.sessions.models import Session
class CustomUser(AbstractUser):
addr1= models.CharField(max_length=20)
addr2= models.CharField(max_length=20)
city= models.CharField(max_length=20)
state= models.CharField(max_length=20)
class UserSession(models.Model):
user= models.ForeignKey(settings.AUTH_USER_MODEL)
session=models.ForeignKey(Session)
// views.py
from .models import UserSession
from django.contrib.auth.signals import user_logged_in
def login(request):
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/Student_home.html') # Redirect to a success page.
else:
return HttpResponse("disabled account") # Return a 'disabled account' error message
else:
return HttpResponse("invalid login") # Return an 'invalid login' error message.
def logout(request):
logout(request)
return HttpResponseRedirect('/Student_home.html') # Redirect to a success page.
def user_logged_in_handler(sender,request,user, **kwargs):
UserSession.objects.get_or_create(
user= user,
session_id= request.session.session_key
)
user_logged_in.connect(user_logged_in_handler, sender=CustomUser)
def delete_user_sessions(CustomUser):
user_sessions=UserSession.objects.filter(user=CustomUser)
for user_session in user_sessions:
user_session.session.delete()
// forms.py
from django.contrib.auth.forms import AuthenticationForm
from django import forms
class LoginForm(AuthenticationForm):
username = forms.CharField(label="Username", max_length=30,
widget=forms.TextInput(attrs={'class': 'form-control', 'name': 'username'}))
password = forms.CharField(label="Password", max_length=30,
widget=forms.TextInput(attrs={'class': 'form-control', 'name': 'password'}))
// project / urls.py(外部的)
from django.contrib.auth import views
from student.forms import LoginForm
url(r'^login/$', views.login, {'template_name': 'login.html', 'authentication_form': LoginForm}, name='login'),
url(r'^logout/$', views.logout, {'next_page': '/login'}),
//的login.html
<div class="container">
<section id="content">
<form action="{% url 'login' %}" method="post" enctype="multipart/form-data">
{% csrf_token %}
<h1>Login Form</h1>
<div class="imgcontainer">
<img src="{% static 'student/patient.jpg' %}" alt="Avatar" class="avatar">
</div>
<div class="username">
{{ form.username.label_tag }}
{{ form.username }}
</div>
<div class="password">
{{ form.password.label_tag }}
{{ form.password }}
</div>
<div class="submitb">
<input type="submit" value="Log In" name="mybtn">
</div>
<div class="resetb">
<input type="submit" value="Reset">
<a href="#forgotpwd">Forgot password?</a>
</div>
<input type="hidden" name="next" value="{{ next }}" />
</form>
</section>
</div>
// settings.py
LOGIN_REDIRECT_URL = '/login/sample'
登录系统和身份验证系统工作正常。但这是问题所在。当用户无法登录时(用户名和密码错误),它不会采取任何操作。但它确实被重定向到了样本&#39;我猜的页面是settings.py中的东西。此外,当用户注销时,用户不会被重定向到任何页面,尽管我已指定应将其重定向到主页。我认为控件并没有进入“登录”状态。并且&#39;退出&#39;视图。当用户注销时,会话也不会被删除,因为这些会话在&#39; login()&#39;上创建和删除。和&#39;退出()&#39; django auth系统的功能。
这里有什么问题?