一,概述:
auth 系统包括:
1)Users
2)Permissions: Binary (yes/no) flags designating whether a user may perform a certain task.(权限:二进制(是/否)标志,指示用户是否可以执行某个任务。)
3)Groups: A generic way of applying labels and permissions to more than one user.(组:向多个用户应用标签和权限的通用方法。)
4)A configurable password hashing system(一个可配置的密码散列系统)
5)Forms and view tools for logging in users, or restricting content(用于用户登录或者限制内容的表单和视图工具)
6)A pluggable backend system(一个可插入的后台系统)
7)Password strength checking(密码强度检查)
8)Throttling of login attempts(限制登录尝试)
9)Authentication against third-parties (OAuth, for example)(针对第三方的认证,例如(OAuth))
Installation(安装)
1)INSTALLED_APPS中配置 django.contrib.auth' 和django.contrib.contenttypes
2)在MIDDLEWARE中配置 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware',
Usage(用法)
一,Using the Django authentication system¶(使用Django 认证系统)
1)User objects:The primary attributes of the default user are:(默认用户的主要属性): username, password, email,firstname,lastname
2)Creating users:
>>> from django.contrib.auth.models import User
>>> user = User.objects.create_user('john', 'lennon@thebeatles.com', 'johnpassword') # At this point, user is a User object that has already been saved
# to the database. You can continue to change its attributes
# if you want to change other fields.
>>> user.last_name = 'Lennon'
>>> user.save()
3)Creating superusers
$ python manage.py createsuperuser --username=joe --email=joe@example.com
4)Changing passwords
>>> from django.contrib.auth.models import User
>>> u = User.objects.get(username='john')
>>> u.set_password('new password')
>>> u.save()
5)Authenticating users
from django.contrib.auth import authenticate
user = authenticate(username='john', password='secret')
if user is not None:
# A backend authenticated the credentials
else:
6)Authentication in Web requests判断用户是否登录
if request.user.is_authenticated:
# Do something for authenticated users.(已登录)
...
else:
# Do something for anonymous users.
7)How to log a user in(如何登录用户)
from django.contrib.auth import authenticate, login def my_view(request):
username = request.POST['username']
password = request.POST['password']
user = authenticate(request, username=username, password=password)
if user is not None:
login(request, user)
# Redirect to a success page.
...
else:
# Return an 'invalid login' error message.
8)How to log a user out¶(如何退出)
from django.contrib.auth import logout def logout_view(request):
logout(request)
# Redirect to a success page.
8)登录装饰器(The login_required decorator¶)
from django.contrib.auth.decorators import login_required @login_required
def my_view(request):