在我的项目中,我实现了一个登录系统,用户可以使用其用户名或登录。我基本上是尝试查找用户电子邮件是否插入到“ usernameOrEmail”表单字段中,或者是否是他们在“ usernameOrEmail”字段中输入的用户名。然后,如果找到用户,我将其登录。
这是我的代码:
def login(request):
context = {}
if request.method == "POST":
isFound = ""
form = LoginForm(request.POST)
if form.is_valid():
try:
user = User.objects.get(username=form.cleaned_data.get("usernameOrEmail"))
isFound = "usernameFound"
except User.DoesNotExist:
try:
user = User.objects.get(email=form.cleaned_data.get("usernameOrEmail"))
isFound = "emailFound"
except User.DoesNotExist:
isFound = "nothingFound"
if isFound == "usernameFound":
print("USERNAME FOUND!")
user = auth.authenticate(username=form.cleaned_data.get("usernameOrEmail"), password=form.cleaned_data.get("password"))
if user is not None:
auth.login(request, user)
return redirect('home')
else:
context["error"] = "Oops, username/email or password provided is invalid"
elif isFound == "emailFound":
print("EMAIL FOUND")
user = auth.authenticate(email=form.cleaned_data.get("usernameOrEmail"), password=form.cleaned_data.get("password"))
if user is not None:
print("YES")
auth.login(request, user)
return redirect('home')
else:
print("NO")
context["error"] = "Oops, username/email or password provided is invalid"
else:
context["error"] = "Oops, username/email or password provided is invalid"
else:
context["error"] = "Please enter valid form data"
else:
form = LoginForm()
很奇怪,终端返回了打印语句“ EMAIL FOUND”,这意味着找到了用户的电子邮件,但是也打印了“ NO”打印语句,并且消息“糟糕,提供的用户名/电子邮件或密码无效” ”返回到模板中。
另一个奇怪的事情是,该系统适用于用户名,这意味着当我在“ usernameOrEmail”字段中输入用户名,然后输入正确的密码时,用户就可以登录。有人知道这个问题吗?谢谢。
答案 0 :(得分:1)
标准身份验证后端仅适用于username
和password
。实际上,ModelBackend
中的authenticate
method [GitHub]实现为:
def authenticate(self, request, username=None, password=None, **kwargs): if username is None: username = kwargs.get(UserModel.USERNAME_FIELD) if username is None or password is None: return try: user = UserModel._default_manager.get_by_natural_key(username) except UserModel.DoesNotExist: # Run the default password hasher once to reduce the timing # difference between an existing and a nonexistent user (#20760). UserModel().set_password(password) else: if user.check_password(password) and self.user_can_authenticate(user): return user
但这不是问题。您可以使用以下方法实现此目的:
def login(request):
context = {}
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
try:
user = User.objects.get(username=form.cleaned_data['usernameOrEmail'])
except User.DoesNotExist:
try:
user = User.objects.get(email=form.cleaned_data['usernameOrEmail'])
except User.DoesNotExist:
user = None
if user is not None:
user = auth.authenticate(username=user.username, password=form.cleaned_data['password'])
if user is not None:
auth.login(request, user)
return redirect('home')
else:
context['error'] = 'Oops, username/email or password provided is invalid'
else:
context['error'] = 'Please enter valid form data'
else:
form = LoginForm()
# …