python django 密码验证-通过自定义数据表

小咪咪 2022-05-14 04:54 246阅读 0赞

在django里面登录的动作其实不难就是数据的对比，但是难的是登录验证，主要是为了解决没有登录之前页面是无法查看的

Django 登录页面使用mysql为存储帐号密码的数据库，所以开始的话先要配置mysql，我这里使用python的mysqlclinet去实现集成

安装完成只需在setting里配置databases

Django登录验证分为两种一种是使用django自带的数据库进行验证 一种是自定义，这里我讲的是自定义，自定义的话密码需要sha256加密

但是加密过后的数据会非常长，所以设置数据库的字段大小的时候设置大一点

现展示下效果：

1.登录页面

[![images][]][images]

2.注册页面

[![images][images 1]][images 1]

登录页面前端主要代码：

<form method="post" enctype="multipart/form-data" >
     {% csrf_token %}
    {
      {uf.as_p}}
    <button type="submit" class="btn btn-default">登录</button>
        &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp
    <a href="{% url 'register' %}" class="btn btn-default">注册</a>
    </form>
      <div class="rem_sub">
    
       </div>
    注册页面前端主要代码：

<form method="post" enctype="multipart/form-data" >
     {% csrf_token %}
    {
      {register_form.as_p}}
    
    <button type="submit" class="btn btn-default">注册</button>
        &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp    &nbsp
    <a href="{% url 'login' %}" class="btn btn-default">登录</a>
      <p>{
      { message }}</p>
    </form>

加密算法函数：

def hash_code(s,salt='alys'):
        h = hashlib.sha256()
        s += salt
        h.update(s.encode())
        res = h.hexdigest()
        return res

[![images][images 2]][images 2]

我其中

ENGINE：数据库引擎

NAME：数据库名

HOST：主机

PORT：端口

USER：用户

PASSWORD：密码

OPTIONS：可以设也可以不设置，我这里设置的是解决 python3 manage.py migrate时候的报错 设置完成之后，设置models模型[![images][images 3]][images 3]

我一共设置了4个字段id为主键并且索引自动增长

后续3个就不介绍了，只说下password这个字段的max\_length必须要大

设置完成之后使用命令创建表结构

python3 manage.py makemigrations

python3 manage.py migrate

需要设置view

首先是登录函数：

UserForm是定义前端的输入框，并且附加class自定义类美化

login是进行登录验证并将验证加入缓存，是后续操作不需要重新登录

class UserForm(forms.Form):
        username = forms.CharField(label='用户名：',max_length=20,widget=forms.TextInput(attrs={'class':'txt_input txt_input2'}))
        password = forms.CharField(label='密码：',max_length=20,widget=forms.PasswordInput(attrs={'class':'txt_input txt_input2'}))
    def login(request):
        if request.session.get('is_login',None):
            return redirect('/index/')
        if request.method == "POST":
            uf = UserForm(request.POST)
            message='帐号密码必须写'
            if uf.is_valid():
                username = uf.cleaned_data['username']  #获取前端的数据
                password = uf.cleaned_data['password']
                try:
                    user = models.User.objects.get(username=username) #获取数据库对应的数据
                except:
                    message = '用户不存在'
                    return render_to_response(request, 'pages/login.html', {'uf':uf})
                if user.password == hash_code(password):
                    request.session['is_login'] = True #加入缓存 凭is_login判断是否已经登录
                    request.session['user_id'] = user.id
                    request.session['user_name'] = user.username
                    return redirect('/index/') #登录成功 重定向到主页
                else:
                    message='密码错误'
                    print(hash_code(password))
                    return render(request, 'pages/login.html', {'uf':uf})
        else:
            uf = UserForm()
    
        return render(request, 'pages/login.html', {'uf': uf})
    设置完成之后需要自己定义装饰器装饰每个函数 使他们没经过登录就跳转到登录界面

def outer(func):
        print ('start --------------------------------')
        def wrap(request,*arg,**kwargs):
            is_login=request.session.get('is_login',None)
            if is_login:
                ret = func(request,*arg,**kwargs)
                return ret
            else:
                return redirect('/')
        return wrap

后续只需要在每个函数前面加这个装饰器就可以了：@outer
    注销函数：

def logout(request):
        del request.session["user_name"]  # 删除session
        del request.session["user_id"]
        del request.session["is_login"]
        uf = UserForm(request.POST)
        return render(request, 'pages/login.html', {'uf': uf})
    注册函数：

class RUserForm(forms.Form):
        username = forms.CharField(label='用户名：',max_length=100,widget=forms.TextInput(attrs={'class':'txt_input txt_input2'}))
        password1 = forms.CharField(label='密码：',widget=forms.PasswordInput(attrs={'class':'txt_input txt_input2'}))
        password2 = forms.CharField(label='重新输入密码：', widget=forms.PasswordInput(attrs={'class': 'txt_input txt_input2'}))
        alias = forms.CharField(label='别名:',max_length=100,widget=forms.TextInput(attrs={'class':'txt_input txt_input2'}))

def register(request):
     
        if request.session.get('is_login',None):  #判断会话缓存是否有这个值 如果有就跳转到首页
            return redirect('/index/')
    
        if request.method == "POST": #判断请求方式
            register_form = RUserForm(request.POST)
            if register_form.is_valid():
                username = register_form.cleaned_data['username']
                password1 = register_form.cleaned_data['password1']
                password2 = register_form.cleaned_data['password2']
                alias = register_form.cleaned_data['alias']
                if password1 != password2:
                    message= '两次输入的密码不相同'
                    return render(request,'pages/register.html',locals())
                else:
                    smae_name_user = models.User.objects.filter(username=username)
                    if smae_name_user:
                        message = '用户名已经存在。请重新选择'
                        return render(request, 'pages/register.html', locals())
                new_user={'username':username,'password':hash_code(password2),'alias':alias}
                models.User.objects.create(**new_user)
                message='注册成功'
                return render(request, 'pages/register.html', locals())
        register_form = RUserForm()
        return render(request, 'pages/register.html', locals())  #locals是获取当前的所有变量变成集合

后续也可以将该数据表放到后台方便管理：
    在admin.py里写入

[images]: http://www.yingjianjian.com/wp-content/uploads/2018/01/fe5dec2b2d2246604395c3decde2f0ed.png
[images 1]: http://www.yingjianjian.com/wp-content/uploads/2018/01/be5fa8003c123f609758898d158854f2.png
[images 2]: http://www.yingjianjian.com/wp-content/uploads/2018/01/59f6fe379d0599cf3101121693acf9b7.png
[images 3]: http://www.yingjianjian.com/wp-content/uploads/2018/01/8fbd73bb7e7df50123a21ef5fe21cce0.png