我正在尝试检查当前登录的用户是否为admin,然后允许他们访问管理页面,否则返回首页。
这是我的view.py
from django.shortcuts import render, redirect
from django.http import HttpResponse
from django.contrib.auth import login, logout, authenticate
from django.contrib import messages
from teacher.models import users
def login(request):
if request.method == "POST":
username = request.POST['username']
password = request.POST['password']
user = authenticate(username = username, password = password)
if user is not None:
login(request, user)
print (user)
messages.success(request, "You have successfully Logged In.")
return redirect('index')
else:
messages.error(request, "You have entered invalid credentials. Please try again")
return redirect('login')
else:
return render(request, 'main/login.html')
def admin(request):
user = users.objects.get(category = 'admin')
if user:
return render(request, 'main/admin.html')
elif Exception:
return render(request, 'main/home.html')
这是我的模型。py
class users(models.Model):
_id = models.AutoField
name = models.CharField(max_length = 100)
username = models.CharField(max_length = 100)
email = models.EmailField(max_length=254)
hpassword = models.CharField(max_length = 255)
category = models.CharField(max_length=50, default= "teacher")
我尝试使用不同的查询方法。但是我最终收到错误页面,因为“用户匹配查询不存在”。此外,它不会检查用户是否登录。即使用户未登录,它也会返回到管理页面。
答案 0 :(得分:1)
您是否搜索装饰器?看看Check admin login on my django app
,对于仪表板访问权限检查Django login Decorator,如果未登录,则可以将用户重定向回登录页面。
from django.contrib.auth.decorators import login_required
@login_required
def my_view(request):
...
第二个“用户匹配查询不存在”。 检查您是否有数据库表。确保已进行迁移 并使用Try Exception
try:
user = users.objects.get(category = 'admin')
if user:
return render(request, 'main/admin.html')
except Exception as e:
return render(request, 'main/home.html')
答案 1 :(得分:-1)
django中的默认用户类具有一个名为'is_superuser'的布尔字段,该字段定义是否为用户admin。